Social Engineering

Question 1

Pretexting

Answer 1

Here a hacker gains information through a series of well crafted lies. Scam initiated by perpetrator pretending to need sensitive information so they can perform critical tasks

Question 2

Prepending

Answer 2

Adding something to the begging of a item.
Supply info later to be acted on.

Question 3

Third party authorization

Answer 3

Using previously used projects to obtain information

Question 4

Impersonation

Answer 4

Attacker assumes a role that is recognized by the person being attacked.

Question 5

Credential harvesting

Answer 5

The act of harvesting things such as ID passwords usernames

Question 6

Hoax

Answer 6

False stories in the hope to create security risks

Question 7

Reconnaissance

Answer 7

The act of trying to get information before hostilities

Question 8

Invoice scams

Answer 8

Sending false invoices to companies in hood that they pay it.

Question 9

Whailing

Answer 9

The act of spear phishing but upon high value targets like ceo or cfo

Question 10

Tailgating / Piggybacking

Answer 10

The act of following behind someone to gain physical access to a building using their id or pin

Question 11

Shoulder Surfing

Answer 11

Act of looking over someone’s should in hopes to gain sensitive information

Question 12

Pharming

Answer 12

The act of poisoning a DNS server to redirect people to a attackers website

Question 13

Eliciting information

Answer 13

Calling in to help desk or tech support to gain information you shouldn’t have.

Question 14

Identity Fraud

Answer 14

Use of fake credentials to achieve a end.

Question 15

Dumpster diving

Answer 15

The act of diving into trash in hopes to gain access to sensitive information