Exam9 Flashcards
The practice of sending email to users with the purpose of tricking them into revealing personal information or clicking on a link; a malicious version of spam.
Phishing
Uses the phone system to trick users into giving up personal and financial information. Often uses VoIP to make it look like the call is coming from a real company.
Vishing
A form of phishing that uses SMS instead of email. Some attacks include malicious attachments and some try to convince a user to give up personal information.
Smishing
Unwanted or unsolicited email. Some is harmless advertising, while some is malicious, including malicious links, code, or attachments.
Spam
Unwanted messages sent over instant messaging (IM) channels. Bypasses typical antivirus and spam filters.
Spam over internet messaging (SPIM)
A form of phishing that targets a specific group of users or even one specific user. May attack employees within a company or customers of a company.
Spear Phishing
The practice of searching through trash or recycling containers to gain information from discarded documents.
Dumpster Diving
Looking over the shoulder of someone to gain unauthorized information by casual observation.
Shoulder Surfing
An attack that manipulates the DNS name resolution process. Either tries to corrupt the DNS server or the DNS client.
Pharming
The practice of one person following closely behind another without showing credentials.
Tailgating
The act of getting information without asking for it directly. Techniques include active listening, reflective questioning, false statements, and bracketing.
Eliciting Information
A form of spear phishing that targets high-level executives. Can target high-level executives directly or impersonate high-level executives to send messages to other employees.
Whaling
Used offensively by attackers in an attempt to get a user to open a malicious email. Examples of prepending in emails include starting the subject with [SAFE] or [URGENT].
Prepending
When someone steals personal information and uses it for fraudulent activity, like opening bank accounts, falsifying tax returns, or applying for loans.
Identity Fraud
Attempting to trick people or organizations into paying for services that they did not order and probably did not receive.
Invoice Scams
Any attempt to recover usernames and passwords from a user. This can be done via shoulder surfing, phishing, or other means.
Credential Harvesting
Gathering as much information as possible on a target, usually through open-source sources.
Reconnaissance
A message, often circulated via email, which tells of impending doom from a virus or other security threat that simply doesn’t exist.
Hoax
Pretending to be someone with a certain level of authority in order to obtain access or information.
Impersonation
Attempts to discover which websites a group of people are likely to visit and then infects those websites with malware that can infect the visitors.
Watering Hole Attack
Also called URL hijacking, relies on mistakes, such as typos, made by users entering a website address into a web browser. When a user enters an incorrect website address, the squatter may lead them to any URL.
Typo Squatting
A fictitious scenario added to a conversation to make a request more believable.
Pretexting
Uses a variety of sources to influence public perception, such as hybrid warfare and social media.
Influence Campaigns
A military strategy that blends conventional warfare with unconventional methods to influence people. Today a popular method uses social media.
Hybrid Warfare
The right to use power; people tend to comply with it, which impersonation, whaling, and vishing attacks take advantage of.
Authority
Most effective with impersonation and vishing attacks. Can involve bullying.
Intimidation
Attackers take advantage of this psychological state by creating websites with fake testimonials that promote a product. Sometimes called social proof. Often used with trojans and hoaxes.
Consensus
Convincing someone that there is a limited quantity of an item. Used in phishing.
Scarcity
Building rapport with the victim before launching the attack.
Familiarity
Convincing targets that they need to act now. Can be done using a timer. Most effective with ransomware, phishing, vishing, and whaling.
Urgency
Includes a wide range of software that has malicious intent. Installed on a system through devious means.
Malware
Similar to familiarity. Used to build a relationship with a target before launching an attack. Often used with vishing.
Trust
A self-replicating program that is able to propagate itself across a network, typically having a detrimental effect.
Worms
Software that cannot definitively be classed as malicious, but may not have been chosen by or wanted by the user.
Potentially unwanted programs (PUPs)
Typically looks like something beneficial, but it’s actually something malicious. Can come as pirated software, a useful utility, or a game.
Trojans
A type of malicious software designed to block access to a computer system until a sum of money is paid.
Ransomware
A type of malicious software that runs in memory. Some techniques used are memory code injection, script-based techniques, and Windows registry manipulation.
Fileless virus
A computer controlled by an attacker or cybercriminal, which is used to send commands to systems compromised by malware and receive stolen data from a target network.
Command and Control
Software robots that function automatically. A botnet is a group of computers that are joined together. Attackers often use malware to join computers to a botnet, and then use the botnet to launch attacks.
Bots
A string of code embedded into an application or script that will execute in response to an event.
Logic Bombs
A special class of adware that collects data about the user and transmits it over the Internet without the user’s knowledge or permission.
Spyware
Software that tracks or logs the keys struck on your keyboard, typically in a covert manner so that you don’t know that your actions are being monitored.
Keyloggers
A type of malware that allows attackers to control systems from remote locations. Often delivered by drive-by-downloads or malicious attachments in emails.
Remote Access Trojan (RATs)
A set of programs that enables its user to gain administrator level access to a computer without the end user’s consent or knowledge.
Rootkit
Provides another way of accessing a system; bypasses normal authentication methods; allows attackers to access systems from remote locations.
Backdoor
A special type of brute force or dictionary attack designed to avoid being locked out.
Spraying
A type of password attack that automates password guessing by comparing encrypted passwords against a predetermined list of possible password values.
Dictionary attack
An attack on passwords or encryption that tries every possible password or encryption key.
Brute Force attack
Attempts to discover a password from a captured database or a captured packet scan.
Offline attack
Attempts to discover a password from an online system.
Online attack
A table of hash values and their corresponding plaintext values that can be used to look up password values if an attacker is able to steal a system’s encrypted password file.
Rainbow table
A USB cable embedded with a Wi-Fi controller that can receive commands from a nearby device to send malicious commands to the connected mobile device.
Malicious USB cable
A physical device that contains malicious PDFs, files, etc. that could be harmful to your computer. Older systems would automatically run files from this physical device without user consent.
Malicious flash drive
Using information acquired from a skimmer to make a duplicate card. Most commonly seen when duplicating gift cards; chips can’t be duplicated, only magnetic strips.
Card cloning
Capturing credit card data at the point of sale.
Skimming
Attempts to fool AI models by supplying them with deceptive input. When successful, it can cause an error or malfunction in the AI model.
Adversarial AI
Providing bad data to a machine learning algorithm in order to force the algorithm to give inconsistent results.
Tainted training data for machine learning
An attempt to exploit a weakness/vulnerability in the process that produces a service.
Supply chain attacks
Cloud: Offsite, usually managed by a third party, lower cost, no data centers, limited downtime.
On-premises: On-site, full control of data, system checks can occur at any time, high cost and time consumption.
Cloud-based vs on-premises attacks
A type of password attack that exploits weaknesses in the mathematical algorithms used to encrypt passwords, in order to take advantage of the probability of different password inputs producing the same encrypted output.
Birthday attack
When the encrypted hashes of two different strings are the same.
Collision
An attack in which the system is forced to abandon its current, higher-security mode of operation and fall back to an older and less secure mode.
Downgrade attack