CompTIA Security+: Social Engineering Techniques & Other Attack Types Flashcards
What is Phishing?
- Cyber attack that uses disguised email as a vector
- Goal is to trick recipient into believing that the message is legit
What is one of the most common exploit vectors?
Phishing
What are the 4 different types of Phishing?
1) Spear phishing
2) Whaling
3) Vishing
4) Smishing
What is spear phishing?
Targets certain employees
What is whaling?
Targets high-level employees or senior management
What is vishing?
Targets cell phones, telephones, or VoIP systems
What is smishing?
Uses SMS texting as the attack vector
What are common phishing indicators?
1) Vague salutations
2) Suspicious domains
3) URL paths
4) Wrong hypertext
5) Awkward grammar
6) Urgency in text (“you must act immediately”)
7) Lack of contact info
8) Spoofed headers/logos
What is Business Email Compromise (BEC)?
- Form of attack that targets companies who outsource, conduct wire transfers, and have suppliers abroad
- Corporate email accounts of high-level employees are either spoofed or compromised through keyloggers or phishing attacks, often to perform fraudulent transfers
Common BEC Schemes
1) Phony invoices or transfers
2) C-Suite (C-Team) fraud
3) Email or webmail account compromise
4) Attorney impersonation or hoaxing
5) Data theft of personally identifiable information (PII) or other personal information (health)
What is pharming?
- A blending of “phishing” and “farming”
- A site’s traffic is manipulated or spoofed and confidential info is stolen
- Attackers may install a virus or trojan on the target that changes the computer’s hosts file to direct traffic away from its intended target and toward a fake web site
- Crackers may also poison a DNS server to redirect multiple users so that they unintentionally go to the fake site, which in turn can be used to install malware on the victim’s computer
What is spam?

What are common categories for spam?

What is spim?

What is typosquatting?

What is tailgating/piggybacking?

What is dumpster diving?

What is shoulder surfing?

What is a watering hole?

What is the process for scams and fraud?
1) Impersonation is attempted remotely through IP spoofing
2) The next vectors use phones, email, SMS, and IM
3) The next level involves masquerading as a legitimate entity
4) The goal is typically theft of financials, IP, PII, or PHI
What are scams and fraud?
Attackers go to great lengths to conduct their advanced persistent threat against your organization, including long-term hoaxes and scams
What types of scams and fraud are there?
- Elicit information and reconnaissance
- Hoaxing
- Identity fraud
- Impersonation and pretending
- Invoice scams
- Credential harvesting
How should employees react to hoaxes and masquerading?

What are influence campaigns?
These campaigns are also called misinformation operations and influencer operations
Goal is in red

What are the 6 reasons for Social Engineering Effectiveness? (Why is it so effective?)
- Lack of proper security and awareness training
- Inadequate acceptable use policy (AUP)
- No buy-in from management and employees for prevention measures
- No enforcement of policies
- Outdated anti-virus, DLP, and mobile device and application management tools
- Poor perimeter security controls for email, message, telephony, and web activities
Common Malware Attacks
All malware are exploits but not all exploits involve malicious code

What are Potentially Unwanted Programs?
Unwanted programs.
What is ransomware?

What are the steps of a ransomware campaign?

What is a trojan?

What do trojans do?
Install back doors to disguise themselves as…

What are Remote Access Trojans (RATs)?
Specific forms of trojan horse malware. Often part of multi-staged exploits.

Example of a RAT attack

What is a worm?

What is special about worms?

What can be affected by a worm?

What is spyware/adware?

What is keylogging?

What are Complex Malware Types?

What is a rootkit?
Category where the goal is to advance administrative level over a system. Can be difficult to detect

What is the process for a backdoor?
1) Get access through the backdoor
2) Establish session
3) Compromise machine
What is a backdoor?

What are some backdoor exploits?

What are fileless viruses?

What is unique about fileless viruses?

What are bots and botnets (DDoS)?

What is the botnet process?
1) Bot affects host through varying attack vectors
2) Once host is infected, bot sends instructions (infiltrated data, etc.)

What is crypto malware?

What is the crypto malware process?

What is a logic bomb?

What is stegomalware?

What are polymorphic packers?

What are Multipartite Viruses?

What are password attacks?

What is password spraying?

What are rainbow tables?

How do rainbow table attacks work?

What are Malicious USB Cables?

How do Malicious USB Cables work?

What is skimming and card cloning?

How does skimming work?

What is Adversarial Artificial Intelligence?
A technique employed in the field of artificial intelligence which attempts to fool models through malicious input

What are types of adversarial artificial intelligence?

What is a supply chain attack?
Also called a value-chain or third-party attack

Facts about Supply Chain Attacks

Supply Chain Attack Example

Cloud-based data Solution vs. On Premise

What are cryptographic attacks?

History of Cryptographic Attacks

What are different types of cryptographic attacks?
- Birthday attacks
- Known plaintext attacks
- Cipher-text only attacks
What is a birthday attack? (cryptographic)

What is a plaintext attack? (cryptographic)

What is a ciphertext-only attack?

What is a downgrade attack?
