Chapter 1 - Social Engineering Techniques Flashcards

1
Q

what is social engineering?

A

an attack against a user that involves a form of social interaction.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

phishing attack

A

an attacker attempts to obtain sensitive information through a trusted entity such as email or instant messaging

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

smishing attack

A

is an attack done by text message (SMS phishing)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

vishing attack

A

a phishing attack that is done over the phone or voicemail to obtain personal information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SPAM

A

unsolicited email sent in bulk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

typosquatting

A

a type of URL hijacking- https://yutube.com

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Pretexting

A

the attacker creates a false narrative to influence the victim to give up some type of information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Prepending

A

adding to the beginning of text-https://yyoutube.com

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

pharming

A

misdirecting users to a fake website made to look real

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

what is the difference between pharming and phishing?

A

pharming- harvest large groups of people

phishing- collect access to credentials

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Reconnaissance

A

a military term that is used to gather information on the victim

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

spear phishing

A

used to target a specific person or group of people

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Whaling attack

A

the attacker’s target is a high value person such as a CEO or CFO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Impersonation

A

attackers pretending to be someone they aren’t

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Eliciting information

A

extracting information from the victim
example: help desk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

identity fraud

A

using a victim’s personal or financial information without permission. (pretending to be you)

17
Q

credit card fraud

A

an account is opened in your name or credit card information is being used

18
Q

bank fraud

A

attacker gains access to your account or opens a new account

19
Q

loan fraud

A

victims information is used for a loan or lease

20
Q

government benefits fraud

A

attacker obtains benefits on victims behalf

21
Q

dumpster diving

A

going through a targets trash to find valuable information

22
Q

shoulder surfing

A

obtaining personal information by looking over the victim’s shoulders

23
Q

Computer hoax

A

A threat that doesn’t actually exist; a fake warning

24
Q

watering hole attack

A

involves the infecting of a target website with malware that victims commonly visit

25
Q

What is SPIM?

A

Spam Over Instant Messaging

26
Q

Influence Campaigns

A

is used to sway public opinion on political and social issues

27
Q

hybrid warfare

A

a military strategy that is use to change the way people think in another country

28
Q

cyberwarfare

A

is used to attack an entity with technology

29
Q

Tailgating

A

using an authorized person to gain unauthorized access to a building

30
Q

invoice scams

A

attacker uses a fake invoice in an attempt to get a company to pay for things

31
Q

credential harvesting

A

the collection of login credentials

32
Q

authority

A

the power or right to give orders, make decisions, and enforce obedience.

33
Q

intimidation

A

to frighten or threaten someone, usually in order to persuade the person to do something he or she does not wish to do

34
Q

Consensus/Social proof

A

to convince based on what’s normally expected; a general agreement

35
Q

Scarcity

A

when something needs to be done in a certain amount of time

36
Q

Urgency

A

when something needs to be done immediately

37
Q

Familiarity

A

to have close acquaintance with or knowledge of something.

38
Q

Trust

A

someone who is safe and reliable ;to believe that someone is good and honest and will not harm you.