Chapter 9: Social Engineering

How does a malicious insider differ from a negligent insider?

A malicious insider steals data and destroys networks on purpose, while a negligent insider either doesn't know about the security procedures or is trying to be faster in the workplace.

What is the key to circumventing social engineering techniques?

Constant Vigilance

What are the six reasons somebody would perform an insider attack?

Financial gain, stealing confidential data, revenge, becoming a future competitor, performing a competitor's bidding, public announcement.

What is Step 3 of a Social Engineering Attack?

Develop a Relationship

What is Step 4 of a Social Engineering Attack?

Exploiting the Relationship

What is tailgating?

Gaining unauthorized access to restricted areas by following another person

What does a Compromised insider do?

Gets insiders to do what they want through blackmail.

What is dumpster diving?

Going through trash and looking for people's personal information

What are some different types of impersonation?

Important user, tech support (in person or phone), internal employee/client/vendor, repairman, over helpfulness of help desk, third-party authorization

What factors make a company vulnerable to social engineering attacks?

Insufficient or little security training, unregulated access to info, several organizational units, and lack of security policies

What behaviors make us vulnerable to social engineering attacks?

Natural human tendency to trust others, ignorance about social engineering and its effects, fear of severe losses in case of non-compliance, greediness, helping as a moral duty

What is shoulder surfing?

Observing someone entering their password or PIN

Why are social network sites a haven for attackers?

People share a lot of personal and professional information on social networks.

What is it called when an attacker uses DNS cache poisoning or host file modification to redirect valid URLs to the attacker's site?

Pharming

Entering a secured area with the consent of an authorized person is known as?

Piggybacking

What are the types of mobile-based social engineering attacks?

Publishing malicious apps, repackaging legitimate apps, fake security applications, SMiShing

What are some categories of Social Engineering Targets?

Receptionists, Help-Desk, Tech Support Executives, System Admins, Users/Clients, Vendors

What is Step 1 of a Social Engineering Attack?

Research the Target Company

How would you order the phases of a social engineering attack?

1. Research the target company
2. Select the target
3. Develop a relationship
4. Exploit the relationship

Pretending to be a problem solver so other people come to you with their problems is known as?

Reverse Social Engineering

What is Step 2 of a Social Engineering Attack?

Select your Target

What is spear phishing?

Specialized phishing attempts directed at a specific person or a small group of people, usually appearing to come from a trusted source.

Sending unsolicited IM messages is known as?

Spimming

Why is a Disgruntled employee a threat?

They would be seeking revenge and they have access to company resources because they are still employed there.

Which insider threat has systems whose security is not predictable?

Third Parties

What is eavesdropping?

An unauthorized person listening to a conversation or reading others' messages.

What is Whaling?

A variant of phishing that targets senior or high-level executives

