Impersonation 2.2 Flashcards
1
Q
Impersonation
A
- Attacker assumes a role that is recognized by the person.
- The attacker uses the potential victim’s biases against their better judgement to follow procedures.
2
Q
Ways for Impersonation
A
- Third parties, help desk operators, from vendors, or online sources.
3
Q
Eliciting Information
A
- The goal of any social engineering attack.
- Attackers uses a wide range of psychological techniques to convince people to perform tasks resulting in security compromises.
4
Q
Identity Fraud
A
- Use of fake credentials to achieve an end.
- Can be high risk or lower risk`
5
Q
Defense Against Identity Fraud
A
- Use strong policies and procedures with exceptions.
- No exception to disclosure policies.
6
Q
Protection Against Identity Fraud
A
- Never volunteer information.
- Don’t disclose personal details.
- Always verify before revealing info.
- Verification should be encouraged.