Social Engineering Techniques & Other Attack Types Flashcards
What are the variants of phishing
Spear Phishing, Whaling, Vishing, Smishing
What is Spear Phishing?
Phishing that targets certain employees
What is Whaling?
Phishing that targets high-level employees or senior management
What is Vishing?
Phishing that targets cell phones, telephones, and VoIP systems
What is Smishing?
Phishing that uses SMS texting as the vector
What does a Visher do?
Vishing attacks, such as making a call while spoofing a collection agency or claiming to be a lawyer, in order to obtain personal information, personal health information, or intellectual property
What are some of the key indicators to identify phishing in email?
Vague salutations - dear valued customer or dear employee
Suspicious looking domain names or display names - potentially misspelled
URL paths or hypertext whose actual link/IP address differs from what is displayed
Awkward Grammar
Urgent or intimidating subject line
Lack of contact info
Spoofed headers/logos
What is a phishing attack?
A cyber attack that uses disguised email as a vector
What is the goal of a phishing attack?
To trick the recipient into believing that the message is legitimate so they will click a link or download an attachment
What does BEC stand for?
Business Email Compromise
What is Business Email Compromise?
BEC is a form of attack that targets companies that outsource, conduct wire transfers, and have suppliers abroad
Name the common BEC schemes
phony invoices and transfers
C-suite fraud
email or webmail account compromise
attorney impersonation or hoaxing
data theft of personally identifiable information
What is pharming?
-a blend of the words ‘phishing’ and ‘farming’ that describes a type of cybercrime similar to phishing
-happens when a website’s traffic is manipulated or spoofed, and confidential information is stolen
How can a pharming attack happen?
-attackers may install a virus or trojan on a target that changes the computer’s hosts file to direct traffic away from its intended target and toward a fake web site
-crackers may also poison a DNS server to redirect multiple users unintentionally to the fake site, which in turn can be used to install malware on the victim’s computer
What is spam?
a slang term for unsolicited commercial email or junk email
What are the common types of email spam?
-advertisements
-chain letters
-spoofed emails relating to phishing campaigns
-hoaxes and money scams (ex. Nigerian prince)
-malware warnings
-unwanted porn email
What is a Negative SEO attack?
A “Negative SEO” search engine optimization attack is a form of spam that can actually hurt your business. It could be a competitor making Google think that you’re up to no good.
Name the common categories of spam
-email spam
-comment spam
-trackback spam
-negative SEO attacks
-spiders and Distributed Denial of Service (DDoS) bots
What is SPIM?
-spam over instant messaging
-unsolicited instant messages
Why is SPIM harmful?
-disrupts chatting
-can contain viruses or spyware
How can you prevent SPIM?
-blocking any messages from sources not on your contact list
-most anti-virus programs include spam and spim protection features
What is typosquatting?
-aka URL hijacking, sting sites, or fake URL
-involves sitting on sites under someone else’s brand or copyright and targeting internet users who erroneously type a web site address into their browser address bar
-ex: facebool, gooogle, amason
What is tailgating/piggybacking?
When a physical access token meant for one person is used for two people, whether or not the person scanning knows
-access tokens/badges in this scenario are being used in a single-factor or multi-factor authentication scheme for physical access to buildings, rooms, or certain high security areas like data centers
-considered a violation of security policy (AUP), which is combined with an enforcement policy for users who do not comply
What is dumpster diving?
an attack where the goal is to reclaim important information by searching through trash containers and dumpsters
What information can attackers get through dumpster diving?
-credit card info
-invoices/receipts
-IP addressing
-org charts
-names of key employees
-manuals and charts
-memos and sticky notes
How can you prevent dumpster diving?
-fenced in
-locked
-good lighting
-monitoring, like cameras
What is shoulder surfing?
attack where the goal is to look over the shoulder of someone as they enter a password or a PIN
What makes shoulder surfing easier?
-camera-equipped mobile devices
-binoculars & telescopes let people see screens and keyboards from nearby buildings
What is a watering hole attack?
attack that leverages a compromised web server in order to target groups or associations in social networks
only members of the association are attacked, while other traffic is untouched
Why are watering holes difficult to identify?
even with traffic analysis, most traffic from the infected site is benign / unaffected
What are typical goals of scams or attacks?
theft of financials, intellectual property, personally identifiable information, or personal health information
What’s the first step of most scams?
Remote IP spoofing
What’s the second step of most scams?
phones, email, SMS, IM
What’s the third step of most scams?
masquerading as a legitimate entity
Name different forms of scams/fraud
-eliciting info and reconnaissance
-hoaxes (pretending to be someone)
-identity fraud (fake documents)
-impersonation and pretending (access to financial info)
-invoice scams
-credential harvesting (gathering usernames and passwords)
What can you do if you see someone looking suspicious?
Politely ask for identification or authorization (like a guest badge) if your company policy does not restrict confrontation, or contact security
What is an influence campaign?
AKA misinformation operation / influence operation
collect tactical information about the adversary, locate key influencers or stakeholders, launch a propaganda/disinformation initiative, and gain competitive advantage or confuse the adversary