Section 5.38 Impersonation Flashcards
Objectives 2.2 Explain common threat vectors and attack surfaces Objectives 5.6 Given a scenario, implement security awareness practices
4 main Social Engineering technique
Socail Engineering techniques
- Impersonation
- Brand Impersonation
- Typosquatting
- Watering Hole Attacks
Social Engineering technique
Impersonation
- Attack where an adversary assumes the identity of another person to gain unauthorised access to resources or steal sensitive data.
- Requires the attacker to collect information about the organisation so that they can more easily earn the trust of their targeted users
- Attackers provide details to help make the lies and the impersonation
more believable to a potential victim
Consequences of Impersonation:
○ Unauthorized access
○ Disruption of services
○ Complete system takeover
Brand Impersonation
- More specific form of impersonation where an attacker pretends to represent a legitimate company or brand
- Attackers use the brand’s logos, language, and information to create deceptive communications or website
- To protect against brand impersonation - organisations should do the following…
○ Educate their users about these types of threats
○ Use secure email gateways to filter out phishing emails
○ Regularly monitor their brands online presence to detect any fraudulent activities as soon as they occur
e.g Novemeber 2020 Elli Lilly brain impersonation attack: Social engineer tweeted insulin would free for all its customers - ended up losing 4% of stock in 24hrs
Typosquatting
Form of cyber attack where an attacker will register a domain name that is similar to a popular website but contain some kind of common typographical errors
e.g mispell gmail.com vs gnail.com
To combat typosquatting - organizations will often do the following
○ Register common misspellings of their own domain names
○ Use services that monitor for similar domain registrations
○ Conduct user security awareness training to educate users about the risks of typosquatting
Also known as URL hijacking or cybersquatting
Watering Hole Attacks
Targeted form of cyber attack where attackers compromise a specific website or service that their target is known to use
The term is a metaphor for a naturally occurring phenomenon where crocodiles wait at watering holes to attack
○ In the world of cybersecurity, the “watering hole” the attacker chooses to utilise a trusted website or onlien service.
To mitigate watering hole attacks, organizations should do the following…
○ Keep their systems and software updated
○ Use threat intelligence services to stay informed about new
threats
○ Employ advanced malware detection and prevention tools