Social Engineering Flashcards
Most common SE attack and definitions
What is Social Engineering?
Manipulation technique that exploits human error to gain private information, valuables, or access. HUMAN ERROR usually results in trusting someone without question. SE creates an environment of false trust and lies to exploit many people as possible.
MOST COMMON ATTACKS (4)
Social Media Phishing, USB Baiting, Watering Hole Attack, and Physical SE
What is USB Baiting?
A T.A. leaves a malware USB stick for an employee to find and to install unknowingly infecting a network
Social Media Phishing
T.A. collects detailed info about their target from social media sites and then they initiate an attack.
Physical SE
T.A. impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.
Watering Hole Attack
T.A. attacks a website often visited by a specific group of users
SE PRINCIPLES are…
of attacks are increasing with each new social media application that allows pubic access to people’s data
Effectiveness of SE attacks (7)
Authority, Intimidation, Scarcity, Consensus/Social Proof, Familiarity, Trust, and Urgency
What is Authority?
T.A. Impersonates individuals
What is Intimidation?
T.A. uses bully tactics
EX: Persuading and Intimidating
What is Trust?
T.A. establishes emotional relationships with users that can be exploited in time.
What is Urgency?
T.A. persuades others to respond quickly and without questioning.
What is Consensus/ Social Proof?
T.A. uses other’s trust to pretend they’re legit.
What is Scarcity?
Tactic used to imply that goods and services are in limited supply
What is Familiarity?
T.A. uses a fake emotional connection with users that can be exploited.
