Mod 2 Common Attacks Flashcards
Phishing
A technique that uses digital communication to trick people into revealing sensitive data or deploying malicious software.
Business Email Compromise (BEC)
A phishing attack where a threat actor impersonates a known source to make a seemingly legitimate request for information, often with the goal of obtaining a financial advantage.
Spear Phishing
A targeted phishing attack that focuses on a specific user or group of users, often using personalized information to make the attack more believable.
Whaling
A type of spear phishing that specifically targets high-profile individuals, such as company executives, to gain access to sensitive data.
Vishing
A phishing attack that uses voice communication, such as phone calls, to trick users into revealing sensitive information.
Smishing
A phishing attack that uses text messages to trick users into revealing sensitive information.
Malware
Software designed to harm devices or networks.
Virus
Malicious code that infects a device and can cause damage to data and software.
Worm
A type of malware that can self-replicate and spread across systems on its own.
Ransomware
A type of malware that encrypts an organization’s data and demands payment to restore access.
Social Media Phishing
A social engineering attack where a threat actor collects information about their target from social media and then uses that information to launch an attack.
Spyware
Malware that gathers and sells information without consent.
Social Engineering
A manipulation technique that exploits human error to gain private information, access, or valuables.
Watering Hole Attack
A social engineering attack where a threat actor infects a website that is frequently visited by a specific group of users.
USB Baiting
A social engineering attack where a threat actor leaves a malware-infected USB stick in a location where it is likely to be found and used by an unsuspecting victim.
