Social Engineering
What are some potential hazards associated with phishing attacks? A.Data breaches and unauthorized access to sensitive information B.Physical damage to computer hardware and infrastructure C.Network congestion and reduced bandwidth D.Incompatibility issues with software and operating systems
A.Data breaches and unauthorized access to sensitive information
Which of the following is a common tactic used in phishing emails? A.Including official logos and branding of reputable companies B.Providing clear and concise instructions to follow C.Avoiding any sense of urgency in the email content D.Requesting sensitive information through secure channels
A.Including official logos and branding of reputable companies
Phishing
Attacker pretends to represent a legitimate prganization and asks for verification of the victims information such as a password, username, address, credit card, information SSN, etc Phishing emails are some of the most common ways people lose thier personal information also known as PII Hazards: Contain malicious links that will download visurses Steal username and password to gain access to all other accounts with the same credential Steal credit card information Steal socail security number and identity
What is phishing? A.A type of cybersecurity threat that targets physical infrastructure B.A social engineering technique used to trick individuals into revealing sensitive information C.A method of encrypting data to protect it from unauthorized access D.A type of malware that spreads through email attachments
B.A social engineering technique used to trick individuals into revealing sensitive information
How can users identify potential phishing emails? A.By checking the email's timestamp for accuracy B.By examining the email's formatting and grammar for inconsistencies C.By looking for attachments or links in the email body D.By ignoring warning messages and pop-ups in the ema
B.By examining the email's formatting and grammar for inconsistencies
What are some signs that can help identify a phishing email? A.The email is from a known and trusted source B.The email contains a sense of urgency and requests immediate action C.The email has proper spelling and grammar D.The email includes personalization and addresses the recipient by name
B.The email contains a sense of urgency and requests immediate action
How can organizations defend against social engineering attacks? A.By disabling firewalls and anti-virus software to prevent false positives B.By implementing strong encryption algorithms for data transmission C.By providing security awareness training for employees to recognize and respond to social engineering attempts D.By avoiding the use of password policies and allowing users to set easy-to-remember passwords
By providing security awareness training for employees to recognize and respond to social engineering attempts
How can you verify the legitimacy of an email that appears to be from a trusted source? A.Reply to the email and ask for verification of the sender's identity B.Click on any links provided in the email to confirm the source C.Call the sender directly using a verified contact number to confirm the email's authenticity D.Share personal information as requested in the email to validate your identity
C.Call the sender directly using a verified contact number to confirm the email's authenticity
What should you do if you receive a suspicious email that you suspect might be a phishing attempt? A.Click on any links provided in the email to investigate further B.Reply to the email and ask for additional information to verify its authenticity C.Delete the email without interacting with any links or attachments D.Forward the email to your colleagues to warn them about the potential threat
C.Delete the email without interacting with any links or attachments
Which of the following is a common phishing tactic? A.Regularly updating software and operating systems B.Creating complex passwords for online accounts C.Sending deceptive emails that appear to be from trusted sources D.Using biometric authentication methods for access control
C.Sending deceptive emails that appear to be from trusted sources
What are some best practices to follow when dealing with emails to prevent falling victim to phishing attacks? A.Opening all email attachments from unknown senders B.Clicking on links within emails without verifying their legitimacy C.Verifying the sender's identity before sharing any personal information D.Disabling email filters and spam detection mechanisms
C.Verifying the sender's identity before sharing any personal information
Which social engineering attack involves rummaging through discarded materials to find valuable information?
Dumpster diving
What is tailgating in the context of social engineering? A.Creating a fake website to deceive users into revealing their login credentials B.Eavesdropping on electronic communications to gather sensitive information C.Following closely behind an authorized person to gain unauthorized physical access to a restricted area D.Sending deceptive emails to trick individuals into revealing sensitive data
Following closely behind an authorized person to gain unauthorized physical access to a restricted area
What is a whaling attack?
Targeting single individuals with an upper management position to try to gain personal information. Phishing but targeting people of power
How to look out for phishing?
The email sender is not from a legitimate sender Hovering over the hyperlink to ensure the link redirects you to the proper site Misspellings Grammatical issues Generic email greetings that do not greet you by name Inconsistent font styles and size Deals too good to be true Tactics they use: Rewards Urgency Intimidation Curiosity
What is the primary goal of a phishing attack?
To deceive individuals and obtain sensitive information
Which of the following social engineering attacks specifically targets senior executives or high-profile individuals within an organization? A.Whaling B.Phishing C.Dumpster diving D.Tailgating
Whaling
Social Engineering
the act of physically or verbally pretending to be someone to grant data or physical access. hackers use their social skills to trick people into revealing access credentials or other valuable information
