Chapter 4 Social Engineering, Physical, and Password Attacks Flashcards
In Social Engineering attacks, what is the principle of Authority?
Authority relies on the fact that most people will obey someone who appears to be in charge or knowledgeable.
In Social Engineering attacks, what is the principle of intimidation?
Intimidation relies on scaring or bullying an individual into taking a desired action.
In Social Engineering attacks, what is the principle of consensus?
Consensus uses the fact that people tend to want to do what others are doing to persuade them to take an action.
In Social Engineering attacks, what is the principle of scarcity?
Scarcity is used to make something look more desirable because it may be the last one available.
In Social Engineering attacks, what is the principle of familiarity?
Familiarity relies on you liking the individual, or even the organization the individual is claiming to represent.
In Social Engineering attacks, what is the principle of trust?
Like familiarity, trust relies on a connection with the individual being targeted.
In Social Engineering attacks, what is the principle of Urgency?
Urgency relies on creating a feeling that action must be taken quickly for some reason.
Social engineering: Urgency vs. Scarcity
Scarcity - only one left in stock!
Urgency - we need credentials or we’re going to miss out on this business deal!
Social Engineering: Familiarity vs Trust
Both rely on connection to the target, but:
Familiarity relies on targets thinking something is normal and thus familiar.
Trust relies on a specific connection to the target.
What is phishing?
A broad term used to describe the fraudulent acquisition of information.
Smishing vs. vishing
Smishing is phishing via SMS; vishing is phishing via telephone (voice).
Spear phishing vs Whaling
Spear phishing targets specific individuals or groups in an organization.
Whaling targets specific individuals of high status or position (CEO, CISO, CFO).
Best defense against phishing?
Security best practices and, above all, AWARENESS (user training).
Pharming vs. typosquatting vs. watering hole
- Pharming redirects traffic away from legitimate websites to malicious ones.
- Typosquatting uses similar but subtly different URLs in the hope that people will mistype the legitimate URL and end up at the malicious one.
- Watering hole attacks don't redirect users; they use websites that targets frequent to attack them. This can be done by compromising the site or by deploying malware through an ad network.
Spam/SPIM
Spam, or SPIM (spam over instant messaging), is unsolicited junk mail, relying on the idea that sooner or later, if you send enough shit, someone will click it.
In-person techniques
- Dumpster diving
- Shoulder surfing
- Tailgating
- Eliciting information: a technique used to gather information without targets realizing they are providing it or being targeted.
Prepending
- Adding an expression or phrase such as "SAFE" to a set of email headers to fool the user into thinking the message is safe.
- Adding information as part of another attack to manipulate the outcome.
- Suggesting topics via social engineering to lead the target toward the related information the attacker is looking for.
Pretexting
The process of making up a scenario to justify why you are approaching an individual. Often used as part of impersonation to make the attack more believable.
Password Attacks
- Brute force
- Password spraying
- Dictionary attacks: use a list of words to guide a brute-force attack.
Note on password storage
“In fact, best practices for password storage don’t rely on encryption; they rely on passwords never being stored and instead using a well-constructed password hash to verify passwords at login.”
Malicious flash drive attacks
Attackers may drop drives in places where they are likely to be picked up and plugged in by unwitting victims at the target organization. Sometimes attackers label the drives with compelling text that makes them more likely to be plugged in: performance reviews, financial planning, etc.
The drive can carry a trojan.
Malicious USB cables exist but are less common, because they require dedicated engineering to build.
Card cloning
Focuses on capturing RFID and magnetic stripe cards used for entry. Attackers may also use "skimming," which uses a fake reader that captures card data for cloning.
Supply chain attacks
Compromise systems (hardware or software) before they reach an organization.