Section 5.38 Impersonation

Question 1

4 main Social Engineering technique

Socail Engineering techniques

Answer 1

1. Impersonation
2. Brand Impersonation
3. Typosquatting
4. Watering Hole Attacks

Question 2

Social Engineering technique

Impersonation

Answer 2

• Attack where an adversary assumes the identity of another person to gain unauthorised access to resources or steal sensitive data.
• Requires the attacker to collect information about the organisation so that they can more easily earn the trust of their targeted users
• Attackers provide details to help make the lies and the impersonation
  more believable to a potential victim

Consequences of Impersonation:

○ Unauthorized access
○ Disruption of services
○ Complete system takeover

Question 3

Brand Impersonation

Answer 3

• More specific form of impersonation where an attacker pretends to represent a legitimate company or brand
• Attackers use the brand’s logos, language, and information to create deceptive communications or website
• To protect against brand impersonation - organisations should do the following…

○ Educate their users about these types of threats

○ Use secure email gateways to filter out phishing emails

○ Regularly monitor their brands online presence to detect any fraudulent activities as soon as they occur

e.g Novemeber 2020 Elli Lilly brain impersonation attack: Social engineer tweeted insulin would free for all its customers - ended up losing 4% of stock in 24hrs

Question 4

Typosquatting

Answer 4

Form of cyber attack where an attacker will register a domain name that is similar to a popular website but contain some kind of common typographical errors

e.g mispell gmail.com vs gnail.com

To combat typosquatting - organizations will often do the following

○ Register common misspellings of their own domain names

○ Use services that monitor for similar domain registrations

○ Conduct user security awareness training to educate users about the risks of typosquatting

Also known as URL hijacking or cybersquatting

Question 5

Watering Hole Attacks

Answer 5

Targeted form of cyber attack where attackers compromise a specific website or service that their target is known to use

The term is a metaphor for a naturally occurring phenomenon where crocodiles wait at watering holes to attack

○ In the world of cybersecurity, the “watering hole” the attacker chooses to utilise a trusted website or onlien service.

To mitigate watering hole attacks, organizations should do the following…

○ Keep their systems and software updated

○ Use threat intelligence services to stay informed about new
threats

○ Employ advanced malware detection and prevention tools