Malware Notes Flashcards
Software designed to harm devices or networks.
Malware
Malicious code written to interfere with computer operations and cause damage to data and software.
Computer Virus
A manipulation technique that exploits human error to gain private information, access, or valuables.
Social Engineering
The use of digital communications to trick people into revealing sensitive data or deploying malicious software.
Phishing
A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.
Business Email Compromise (BEC):
A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.
Spear Phishing
A form of spear phishing. Threat actors target company executives to gain access to sensitive data
Whaling
The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.
Vishing:
The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.
Smishing:
Malware that can duplicate and spread itself across systems on its own.
Worms
A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.
Ransomware
Malware that’s used to gather and sell information without consent
Spyware
A threat actor collects detailed information about their target from social media sites. Then, they initiate an attack.
Social Media Phishing
A threat actor attacks a website frequently visited by a specific group of users
Watering Hole Attack
A threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network.
USB baiting
A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.
Physical Social Engineering
