Foundations: Module 2 Flashcards
Phishing
Using fake messages to trick people into giving away personal info.
Business Email Compromise (BEC)?
An attacker pretends to be someone from work in an email to fool others.
Spear Phishing?
A fake email sent to a specific person to trick them.
Whaling
A phishing attack targeting important people like company executives.
Vishing
Tricking people using phone calls to get private info.
Smishing
Using text messages to trick people into sharing information.
Malware
Software designed to harm devices or networks, often to gain money or intelligence.
Viruses
Harmful code that spreads when someone clicks a bad link or opens an infected file.
Worms
Malware that copies itself and spreads on its own without anyone doing anything.
Ransomware
An attack where hackers lock your data and ask for money to unlock it.
Spyware
Malware that secretly steals and sells your info, like messages and location.
Social Engineering
A trick that takes advantage of people making mistakes to get access or information.
Social Media Phishing
Using someone’s social media to collect info and create attacks that feel personal.
Watering Hole Attack
Hacking websites that certain people often visit to secretly infect their devices.
USB Baiting
Leaving infected USB drives to trick users into plugging them in, spreading malware.
Physical Social Engineering
Pretending to be someone trusted to sneak into secure places.
Social Engineering Principles
Using tricks like acting important, rushing people, or pretending to be trustworthy to fool someone.
Authority
Pretending to be someone important to take advantage of how people usually respect authority.
Intimidation
Using threats or pressure to force victims into compliance.
Consensus/Social Proof
Tricking people by saying others already went along with it, so it seems real.
Scarcity
Making something seem rare or urgent so people feel rushed to act fast.
Familiarity
Faking a personal bond to make someone trust you and let their guard down.
Trust
Slowly building fake trust with someone to get their private information.
Urgency
Pushing someone to act fast so they don’t have time to think or ask questions.
Adversarial Artificial Intelligence (AI)
Using AI or machine learning to make cyberattacks faster and smarter.
CISSP
Certified Information Systems Security Professional? globally recognized cybersecurity certification.
Cryptographic Attack
An attack that tries to break or spy on secure messages between two people.
Hacker
A person who uses computers to access systems, networks, or data; legally or illegally.
Password Attack
Trying to break into systems or data that are locked with a password.
Physical Attack
A cyberattack that also affects real-world places or equipment.
Supply-Chain Attack
An attack that sneaks in by messing with software or hardware before it reaches the user.
