Phishing Flashcards
Phishing
The process of attempting to acquire sensitive information such as usernames, passwords, and credit card details.
Phishing is the major tool used by the bad guys to get users to click on something and lead them to confidential information.
Spear Phishing
A small, focused, targeted phishing attack on a specific person or organization.
Phishing attack surface
The quantity of emails exposed on the internet. The more email addresses exposed, the bigger the attack footprint is and the higher the risk for phishing attacks.
Phish-Prone Percentage %
A term coined by KnowBe4 that indicates the percentage of employees who are prone to click on phishing links.
A customer starts with a baseline for comparison before and after training, usually every 12 months.
Social engineering
The act of manipulating people into performing actions or divulging confidential information.
CEO fraud
A spear phishing attack that targets high-risk users (people in Accounting, HR, or executive assistants), in which the hacker claims to be the CEO and urges an employee to do something that would not be authorized by the legitimate sender.
Vishing (voice phishing)
A phishing attack conducted by telephone.
Smishing
Phishing conducted via Short Message Service (SMS), a telephone-based text messaging service.
Email spoofing
Spoofing (tricking or deceiving) computer systems or other computer users. Sending messages from a bogus email address or faking the email address of another user.
Spoofing is a common tactic in CEO Fraud attacks.