Social Engineering Flashcards
Spoofing
This is a human-based or software-based attack where the goal is to pretend to be someone else
Shoulder surfing
Goal is to look over the shoulder
Impersonation
Human attack when the attacker pretends to be someone he is not
Hoax
Email-based or web-based attack intended to trick the user into performing undesired actions
Phishing
email-based attempt to get financial information
Vishing
Human-based. goal is to extract personal, financial, confidential information
Whaling
form of phishing that targets individuals known to possess a good deal of wealth
Spam/spim
Social networking based; Spim is internet messaging attack
Zero day attack
Exploits a previously unknown vulnerability in an application of OS
Brute force attack
Uses password-cracking software to try possible combination
Dictionary attack
Automates password guessing by comparing encrypted passwords
Eavesdropping or Sniffing attack
Special monitoring software to intercept private network communications; aimed at content or passwords
Man-in-the-middle
Attacker redirects traffic between two victims to capture information between the sender and receiver; could result in hijacker
Zombies
Attacker introduces unauthorized software that directs the devices to launch and attack. Distributed Denial of Service (DDoS) attacks: collection of devices taken over by an attacker.
Botnets
Distributed Denial of Service (DDoS) attacks: A collection of internet-connected programs communicating with other similar programs in order to perform tasks that can be used to send spam email or participate in DDoS attacks.
