Chapter 4 Flashcards
Social Engineering
The practice of manipulating people through a variety of strategies to accomplish desired actions.
Authority
Relies on the fact that most people will obey someone who appears to be in charge or knowledgeable, regardless of whether or not they actually are.
Intimidation
Relies on scaring or bullying an individual into taking a desired action.
Consensus
Uses the fact that people tend to want to do what others are doing to persuade them to take an action.
Scarcity
Make something look more desirable because it may the be the last one available.
Familiarity
Based on you liking the individual or even the organization the individual is claiming to represent.
Trust
Relies on a connection with the individual they are targeting.
Urgency
Relies on creating a feeling that the action must be taken quickly due to some reason or reasons.
Phishing
A broad term used to describe the fraudulent acquisition of information.
Spear Phishing
Phishing that targets specific individuals or groups in an organization.
Whaling
Phishing that targets senior employees.
Credential Harvesting
The process of gathering credentials like usernames and passwords.
Spam
Unsolicited or junk email that is used to employ various social engineering attacks.
Shoulder Surfing
Looking over a person’s shoulder to capture information.
Tailgating
A physical entry attack that requires simply following someone who has authorized access to an area so that they open secured doors you can pass through as well.