Social Engineering

Question 1

Spear Phishing

Answer 1

targeted phishing

Question 2

Whaling/Whale Phishing

Answer 2

Phishing that target executive level to get wire transfers etc

Question 3

Smishing

Answer 3

Phishing over SMS

Question 4

Vishing

Answer 4

Phishing over the phone

Question 5

SPAM

Answer 5

Large quantities of unsolicited advertising over email

Question 6

SPIM

Answer 6

Spam sent over Text

Question 7

Dumpster Diving

Answer 7

Removing sensitive info from literal trash cans

Question 8

Shoulder Surfing

Answer 8

Looking over someones shoulder - Privacy screens, masked passwords

Question 9

Pharming

Answer 9

redirecting to malicious site

Question 10

How to mitigate Shoulder Surfing

Answer 10

privacy screens. masked passwords, multiple asterisks per keystroke

Question 11

Tailgating Mitigations

Answer 11

Cameras to monitor doors, key card access.

Question 12

Pharming examples

Answer 12

DNS Cache Poisoning, Host File Injection,

Question 13

Hoax

Answer 13

Someone pretends to be an IT person or fellow coworker. Seem legitimate.

Question 14

Prepending

Answer 14

Adding mentions to tweets/social media to make them seem more personal or to get broader audience, higher engagement.

Question 15

Watering Hole Attack

Answer 15

Uses less secure websites or ones a particular target is likely to visit to plant malware and infect users.

Question 16

Typo Squatting/URL Hijacking

Answer 16

Taking over sites that users may go to if they misspelled the original site like goggle.com