Social Engineering Techniques Flashcards
What is Phishing?
Phishing tries to get users to input their confidential data (e.g. usernames, passwords, bank details).
Cyber-security attackers will provide a fake website, which looks identical to the real one, in an attempt to bait victims into inputting their confidential data.
For example: Getting an email from ‘Apples’ which claims to be ‘Apple’ stating your password needs to be changed, providing a link to a fake website which looks identical to Apple’s real website asking you to log in to change your password.
What is Pretexting?
Pretexting is when a cyber criminal lies to get data or information.
For example, calling while claiming to be an Apple tech agent who needs to confirm who they’re talking to. They may ask questions like “I need to confirm who I am talking to, can you please tell me your address?”
What is Baiting?
Baiting tries to get victims to give cyber criminals the information they need.
For example, promising goods to get the information they need. “FREE V-BUCKS! ENTER YOUR LOG IN DETAILS”
What is Quid Pro Quo?
Where attackers try to disable victims’ anti-virus software updates so that malware can be installed to gain access to the system.
For example, calling pretending to be an IT tech support agent, offering assistance to fix problems.
What is Tailgating/Piggybacking?
Trying to gain access to a secure building or room.
For example, an attacker pretending to be a delivery driver and asking an authorised user to hold the door so they can enter a secure building/room.
What is Shoulder Surfing?
Shoulder Surfing aims to steal confidential data/information.
For example, looking over somebody’s shoulder at an ATM to be able to see their PIN number.