Social Engineering Techniques & Other Attack Types

Question 1

What are the variants of phishing

Answer 1

Spear Phishing, Whaling, Vishing, Smishing

Question 2

What is Spear Phishing?

Answer 2

Phishing that targets certain employees

Question 3

What is Whaling?

Answer 3

Phishing that targets high-level employees or senior management

Question 4

What is Vishing?

Answer 4

Phishing that targets cell phones, telephones, and VoIP systems

Question 5

What is Smishing

Answer 5

Phishing that uses SMS texting as the vector

Question 6

What does a Visher do?

Answer 6

Vishing Attacks, like make a call spoofing the collection agency or claiming to be a lawyer trying to get personal information or personal health information or intellectual property

Question 7

What are some of the key indicators to identify phishing in email?

Answer 7

Vague salutations - dear valued customer or dear employee
Suspicious looking domain names or display names - potentially misspelled
URL Paths or Hypertext with different actual link/IP address
Awkward Grammar
Urgent or intimidating subject line
Lack of contact info
Spoofed headers/logos

Question 8

What is a phishing attack?

Answer 8

A cyber attack that uses disguised email as a vector

Question 9

What is the goal of a phishing attack?

Answer 9

To trick the recipient into believing that the message is legitimate so they will click a link or download an attachment

Question 10

What does BEC stand for?

Answer 10

Business Email Compromise

Question 11

What is Business Email Compromise?

Answer 11

BEC is a form of attack that targets companies who outsource, conduct wire transfers, and have suppliers abroad

Question 12

Name the common BEC schemes

Answer 12

phony invoices and transfers
c-suite fraud
email or webmail account compromise
attorney impersonation or hoaxing
data theft of personally identifiable information

Question 13

What is pharming?

Answer 13

-blending of the words ‘phishing’ and ‘farming’ that describes a type of cybercrime like phishing
-happens when a website’s traffic is manipulated or spoofed, and confidential information is stolen

Question 14

How can a pharming attack happen?

Answer 14

-attackers may install a virus or trojan on a target that changes the computer’s hosts file to direct traffic away from its intended target and toward a fake web site
-crackers may also poison a DNS server to re-direct multiple users to unintentionally go to the fake site, which in turn can be used to install malware on the victim’s computer

Question 15

What is spam?

Answer 15

a slang term for unsolicited commercial email or junk email

Question 16

What are the common types of email spam?

Answer 16

-advertisements
-chain letters
-spoofed emails relating to phishing campaigns
-hoaxes and money scams (ex. Nigernan prince)
-malware warnings
-unwanted porn email

Question 17

What is a Negative SEO?

Answer 17

A “Negative SEO” search engine optimization attack is a form of spam that can actually hurt your business. It could be a competitor making Google think that you’re up to no good.

Question 18

Name the common categories of spam

Answer 18

-email spam
-comment spam
-trackback spam
-negative SEO attacks
-spiders and Distriubuted Denial of Service(DDoS) (bots)

Question 19

What is SPIM?

Answer 19

-spam overt instant messaging
-unsolicited instant messages

Question 20

Why is Spim harmful?

Answer 20

-disrupts chatting
-can contain viruses or spyware

Question 21

How can you prevent spim?

Answer 21

-blocking any messages from sources not on your contact list
-most anti-virus programs include spam and spim protection features

Question 22

What is typosquatting?

Answer 22

-aka URL hijacking, sting sites, or fake URL
-involves sitting on sites under someone else’s brand or copywrite and targeting internet users who erroneously type a web site address into their browser address bar
-ex: facebool, gooogle, amason

Question 23

What is tailgating/piggybacking?

Answer 23

When a physical access token meant for one person is used for two people, whether or not the person scanning knows

-access tokens/badges in this scenario are being used in a single-factor or multi-factor authentication scheme for physical access to buildings, rooms, or certain high security areas like data centers
-considered a violation of a security policy (AUP) combined with some enforcement policy if users do not comply

Question 24

What is dumpster diving?

Answer 24

an attack where the goal is to reclaim important information by searching though trash containers and dumpsters

Question 25

What information can attackers get through dumpster diving?

Answer 25

-credit card info
-invoices/receipts
-IP addressing
-org charts
-names of key employees
-manuals and charts
-memos and sticky notes

Question 26

How can you prevent dumpster diving>

Answer 26

-fenced in
-locked
-good lighting
-monitoring, like cameras

Question 27

What is shoulder surfing?

Answer 27

attack where the goal is to look over the shoulder of someone as they enter a password or a PIN

Question 28

What makes shoulder surfing easier?

Answer 28

-camera-equipped mobile devices
-binoculars & telescopes let people see screens and keyboards from nearby buildings

Question 29

What is a watering hole attack?

Answer 29

attack that leverages a compromised web server in order to target groups or associations in social networks

only members of the association are attacked, while other traffic is untouched

Question 30

Why are watering holes difficult to identify?

Answer 30

even with traffic analysis, most traffic from the infected site is benign / unaffected

Question 31

What are typical goals of scams or attacks?

Answer 31

theft of financials, intellectual property, personal identifiable information, or personal health information

Question 32

What’s the first step of most scams?

Answer 32

Remote IP spoofing

Question 33

What’s the second step of most scams?

Answer 33

phones, email, sms, im

Question 34

What’s the third step of most scams?

Answer 34

masquerading as a legitimate entity

Question 35

Name different forms of scams/fraud

Answer 35

-eliciting info and reconnaissance
-hoaxes (pretending to be someone )
-identity fraud (fake documents)
-impersonation and pretending (access to financial info)
-invoice scams
-credential harvesting (gathering usernames and passwords)

Question 36

What can you do if you see someone looking suspicious?

Answer 36

Politely ask for identification or authorization (like a guest badge) if your company policy does not restrict confrontation , or contact security

Question 37

What is an influence campaign?

Answer 37

AKA misinformation operation / influence operation

collect tactical info about adversary, locate key influences or stakeholders, launch propaganda/disinformation initiative, gain competitive advantage or confuse adversary