Phishing

Question 1

A Phishing tactic where attackers purchase mispelled domain names similar to legitimate businesses and email out from them.

Answer 1

Typosquatting

Question 2

A form of email impersonation where attacker creates a seemingly legitimate scenario with a call to action. i.e. There has been an issue with your automated payment

Answer 2

Pretexting

Question 3

When an attacker attacks an entire group of people simultaneously

Answer 3

Pharming

Question 4

DNS poisoning that causes users to be sent to a bogus website that looks legitmate. Typically combining Pharming and Phishing techniques.

Answer 4

Redirection

Question 5

Phishing done over a telephone call. Often utilizing Caller ID spoofing.

Answer 5

Vishing

Question 6

Phishing done by text message.

Answer 6

Smishing

Question 7

A social engineering technique where an attacker will use public information like social media to help build a believable pretext for contacting user.

Answer 7

Reconnaissance

Question 8

A phishing attack that targets specific users.

Answer 8

Spear Phishing

Question 9

A spear phishing attack that targets specific users, specifically C-Suite employees within an organization. i.e. CEO, CFO

Answer 9

Whaling

Question 10

A tactic that often combines reconnaissnace, pretexting and phishing to pretend to be someone else.

Answer 10

Impersonation