Section 5.38 Impersonation

Question 1

4 main Social Engineering technique

Social Engineering techniques

IBTW

Answer 1

1. Impersonation
2. Brand Impersonation
3. Typosquatting
4. Watering Hole Attacks

Question 2

Social Engineering technique

Impersonation

Answer 2

• Assume identity of another person to gain unauthorised access to resources or steal sensitive data.
• Threat actor collects information about the organisation so that they can more easily earn the trust of their targeted users
• Attackers provide details to help make the lies and the impersonation more believable to a potential victim

Consequences of Impersonation:

○ Unauthorised access
○ Disruption of services
○ Complete system takeover

Question 3

Social Engineering technique

Brand Impersonation

Answer 3

• More specific form of impersonation where an attacker pretends to represent a legitimate company or brand
• Attackers use the brand’s logos, language, and information to create deceptive communications or website

To protect against brand impersonation - organisations should do the following…

○ Educate their users about these types of threats

○ Use secure email gateways to filter out phishing emails

○ Regularly monitor their brands online presence to detect any fraudulent activities as soon as they occur

e.g Novemeber 2020 Elli Lilly brand impersonation attack: Social engineer tweeted insulin would be free for all its customers - ended up losing 4% of stock in 24hrs

Question 4

Social Engineering technique

Typosquatting

Answer 4

Form of cyber attack where an attacker will register a domain name that is similar to a popular website but contain some kind of common typographical errors

e.g mispell gmail.com vs gnail.com

To combat typosquatting - organizations will often do the following

○ Register common misspellings of their own domain names

○ Use services that monitor for similar domain registrations

○ Security awareness training to educate users about the risks of typosquatting

Also known as URL hijacking or cybersquatting

Question 5

Social Engineering technique

Watering Hole Attacks

Answer 5

Targeted form of cyber attack where attackers compromise a specific trusted website or service that their target is known to use so that they can gain access to the network. Involves targeting other organisations in order to gain access to the primary victims network

To mitigate watering hole attacks, organizations should do the following…

○ Keep their systems and software updated

○ Use threat intelligence services to stay informed about new
threats

○ Employ advanced malware detection and prevention tools

The term is a metaphor for a naturally occurring phenomenon where crocodiles wait at watering holes to attack