Chapter 9: Social Engineering
How does a malicious insider differ from a negligent insider?
A malicious insider deliberately steals data or damages systems and networks, while a negligent insider causes harm unintentionally, either because they do not know the security procedures or because they bypass them to work faster.
What is the key to circumventing social engineering techniques?
Constant Vigilance
What are the six reasons somebody would perform an insider attack?
Financial gain, stealing confidential data, revenge, becoming a future competitor, performing a competitor's bidding, public announcement.
What is Step 3 of a Social Engineering Attack?
Develop a Relationship
What is Step 4 of a Social Engineering Attack?
Exploiting the Relationship
What is tailgating?
Gaining unauthorized access to restricted areas by following another person
What is a Compromised insider?
An insider whom an outsider coerces, for example through blackmail, into acting on the outsider's behalf; the insider's legitimate access is then used against the organization.
What is dumpster diving?
Searching through an organization's discarded trash (printouts, sticky notes, old media) for personal or corporate information that can be used in an attack.
What are some different types of impersonation?
Posing as an important user, as tech support (in person or by phone), as an internal employee, client or vendor, or as a repairman; exploiting an overly helpful help desk; and claiming third-party authorization.
What factors make a company vulnerable to social engineering attacks?
Insufficient or little security training, Unregulated access to info, Several Organizational units, and Lack of security policies
What behaviors make us vulnerable to social engineering attacks?
Natural human tendency to trust others, ignorance about social engineering and its effects, fear of severe losses in case of non-compliance, greed, and a sense that helping is a moral duty.
What is shoulder surfing?
Directly observing a person as they enter a password, PIN or other sensitive information, typically by looking over their shoulder.
Why are social network sites a haven for attackers?
People share a lot of personal and professional information on social networks.
What is it called when an attacker uses DNS cache poisoning or hosts file modification to redirect valid URLs to the attacker's site?
Pharming
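Added example, not part of this flashcard deck: a small Python check for the hosts-file variant of pharming described above. It parses hosts-file content and flags any entry that statically pins a watched login domain, since such an entry bypasses DNS entirely. The hosts content and the domain names are constructed for illustration and are assumptions, not taken from any real system.

```python
"""Detect pharming-style overrides in a hosts file.

Constructed example: the hosts content and the watched domain names below
are made up for illustration; replace WATCHED_DOMAINS with the brands and
internal portals your users actually log in to.
"""
import ipaddress

# Assumed names of domains an attacker would want to redirect.
WATCHED_DOMAINS = ("examplebank.test", "mail.example", "sso.corp.example")

# Constructed hosts file content (not taken from any real machine).
SAMPLE_HOSTS = """\
# Standard loopback entries
127.0.0.1       localhost
::1             localhost ip6-localhost

# Legitimate developer alias
127.0.0.1       app.dev.local

# Ad-blocking style sinkhole entry (benign, pinned to the unspecified address)
0.0.0.0         ads.tracker.example

# Pharming-style override: a bank login host pinned to an external address
203.0.113.45    www.examplebank.test login.examplebank.test
"""


def parse_hosts(text):
    """Return a list of (ip, hostname) pairs, skipping comments and blank lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        parts = line.split()
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            continue  # malformed address field; the resolver would ignore it too
        for host in parts[1:]:
            entries.append((str(ip), host.lower()))
    return entries


def find_pharming_overrides(text, watched=WATCHED_DOMAINS):
    """Flag hosts entries that pin a watched domain (or a subdomain) to any address.

    Any static mapping of a login domain is reported, because it silently
    overrides DNS. A mapping to loopback or the unspecified address only
    sinkholes the site (medium); any other address redirects the user's
    traffic to a host the attacker controls (high).
    """
    findings = []
    for ip, host in parse_hosts(text):
        if not any(host == d or host.endswith("." + d) for d in watched):
            continue
        addr = ipaddress.ip_address(ip)
        sinkholed = addr.is_loopback or addr.is_unspecified
        findings.append({
            "host": host,
            "ip": ip,
            "severity": "medium" if sinkholed else "high",
        })
    return findings


if __name__ == "__main__":
    for f in find_pharming_overrides(SAMPLE_HOSTS):
        print(f"{f['severity']:6} {f['host']} -> {f['ip']}")
```

On a real system, read `/etc/hosts` (or `C:\Windows\System32\drivers\etc\hosts`) instead of `SAMPLE_HOSTS`; the hosts file is consulted before DNS on most platforms, so a single line there defeats any DNS-level protection for that name.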
Entering a secured area with the consent of an authorized person is known as?
Piggybacking
What are the types of mobile-based social engineering attacks?
Publishing malicious apps, repackaging legitimate apps, fake security applications, SMiShing
What are some categories of Social Engineering Targets?
Receptionists, Help-Desk, Tech Support Executives, System Admins, Users/Clients, Vendors
What is Step 1 of a Social Engineering Attack?
Research the Target Company
How would you order the phases of a social engineering attack?
1. Research the target company, 2. Select the target, 3. Develop a relationship, 4. Exploit the relationship
Pretending to be a problem solver so other people come to you with their problems is known as?
Reverse Social Engineering
What is Step 2 of a Social Engineering Attack?
Select your Target
What is spear phishing?
A targeted phishing attempt directed at a specific person or a small group of people, usually crafted to appear to come from a trusted source.
Sending unsolicited IM messages is known as?
Spimming
Why is a Disgruntled employee a threat?
They may be seeking revenge, and because they are still employed they retain legitimate access to company resources.
Which category of insider threat involves systems whose security the organization cannot verify or predict?
Third parties (contractors, partners and suppliers whose systems are outside the organization's control)
What is eavesdropping?
Unauthorized person listening to a conversation or reading others' messages.
What is Whaling?
A variant of phishing that targets senior or high-level executives.