Week 3: Psychology and Social Engineering Flashcards
What is a phishing attack?
victims are lured by an email to log on to a website that’s designed to steal their passwords or get them to install malware
What is a vishing attack?
an urgent and official sounding voice mail convinces victims to act quickly or suffer severe consequences
What is a physical tailgating attack?
rely on trust to give the criminal physical access to a secure building or area
What was the Solomon Asch experiment?
when fake participants uniformly gave a particular response in a group setting, the lone true participant would feel pressure to conform to the group consensus
How was the Line experiment conducted?
Participants were asked to state which line was the same length, and fake participants were used to overwhelm the true participant to see if he would conform
What are the implications of this experiment in secure systems architecture?
Social pressure from a majority group could lead a person to conform and allow access to technology
What is the Social Psychology Principle - reciprocity?
The extent to which we give back upon receiving a ‘gift’
What is the Social Psychology Principle - liking?
The extent to which we believe people we like
What is the Social Psychology Principle - Commitment and Consistency?
The extent to which early commitment can lead to later commitment for consistency
What is the Social Psychology Principle - Scarcity?
The extent to which we are spurred to action if we believe that the goods are in limited supply
What are some of the most used passwords?
123456
password
qwerty
Why do people use bad passwords?
Easy to remember
Do not know consequences of access
Believe it won't happen to them
What are the three points on the security triangle?
security
functionality
availability
Regarding fraud psychology, what does the fraudster appeal to?
The mark’s kindness
The mark’s dishonesty
Distract them so they act automatically
Arouse them so they act viscerally