Chapter 1 - Social Engineering Techniques Flashcards
what is social engineering?
an attack against a user that involves a form of social interaction.
phishing attack
an attacker attempts to obtain sensitive information through a trusted entity such as email or instant messaging
smishing attack
is an attack done by text message (SMS phishing)
vishing attack
a phishing attack that is done over the phone or voicemail to obtain personal information
SPAM
unsolicited email sent in bulk
typosquatting
a type of URL hijacking- https://yutube.com
Pretexting
the attacker creates a false narrative to influence the victim to give up some type of information
Prepending
adding to the beginning of text-https://yyoutube.com
pharming
misdirecting users to a fake website made to look real
what is the difference between pharming and phishing?
pharming- harvest large groups of people
phishing- collect access to credentials
Reconnaissance
a military term that is used to gather information on the victim
spear phishing
used to target a specific person or group of people
Whaling attack
the attacker’s target is a high value person such as a CEO or CFO
Impersonation
attackers pretending to be someone they aren’t
Eliciting information
extracting information from the victim
example: help desk