- #[[CT255 - Next Generation Technologies II]] - **Previous Topic:** [[Hash Cracking Using Rainbow Tables]] - **Next Topic:** [[DIffie-Hellman Key Exchange]] - **Relevant Slides:** ![ct255_05.pdf](../assets/ct255_05_1665403304356_0.pdf) - - What is **Social Engineering**? #card card-last-interval:: 4 card-repeats:: 2 card-ease-factor:: 2.7 card-next-schedule:: 2022-11-18T20:10:38.202Z card-last-reviewed:: 2022-11-14T20:10:38.202Z card-last-score:: 5 - **Social Engineering** is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes. - What is **Phishing**? #card card-last-interval:: 4 card-repeats:: 2 card-ease-factor:: 2.7 card-next-schedule:: 2022-11-18T20:09:18.304Z card-last-reviewed:: 2022-11-14T20:09:18.304Z card-last-score:: 5 - **Phishing** usually involves sending malicious emails from supposedly trusted sources to as many people as possible, assuming a low response rate. - What is **Spear Phishing**? #card card-last-interval:: 14.2 card-repeats:: 3 card-ease-factor:: 2.7 card-next-schedule:: 2022-12-05T17:10:15.178Z card-last-reviewed:: 2022-11-21T13:10:15.178Z card-last-score:: 5 - In **Spear Phishing**, the perpetrator is disguised as a trusted individual, such as a boss, friend, or spouse. - What is **Whaling**? #card card-last-interval:: -1 card-repeats:: 1 card-ease-factor:: 2.5 card-next-schedule:: 2022-11-15T00:00:00.000Z card-last-reviewed:: 2022-11-14T20:08:34.227Z card-last-score:: 1 - **Whaling** uses deceptive email messages targeting high-level decision makers within an organisation, such as CEOs or other executives. - Such individuals have access to highly valuable information, including trade secrets & passwords to administrative company accounts. - What is **Smishing**? #card card-last-interval:: 4 card-repeats:: 2 card-ease-factor:: 2.7 card-next-schedule:: 2022-11-18T20:09:23.408Z card-last-reviewed:: 2022-11-14T20:09:23.409Z card-last-score:: 5 - **Smishing** is portmanteau for "SMS Phishing", and it works much the same as phishing. - Users are tricked via an SMS text rather than from an email. - What is **Vishing**? #card card-last-interval:: 4 card-repeats:: 2 card-ease-factor:: 2.7 card-next-schedule:: 2022-11-22T18:35:22.344Z card-last-reviewed:: 2022-11-18T18:35:22.345Z card-last-score:: 5 - **Vishing**, also called **VOIP Phishing** is the voice counterpart to phishing. - For example, an email asks the user to make a phone call, or victims receive an unsolicited call. - What is **Pretexting**? #card card-last-interval:: 2.8 card-repeats:: 2 card-ease-factor:: 2.6 card-next-schedule:: 2022-11-17T15:07:29.538Z card-last-reviewed:: 2022-11-14T20:07:29.538Z card-last-score:: 5 - **Pretexting** is the practice of presenting oneself as someone else in order to obtain private information. - It is more than just creating a lie, in some cases, it can involve creating an entirely new identity and then using that identity to manipulate the receipt of information. - Pretexting goes hand-in-hand with vishing. - What is a **Watering Hole** attack? #card card-last-interval:: 2.8 card-repeats:: 2 card-ease-factor:: 2.6 card-next-schedule:: 2022-11-17T15:08:14.319Z card-last-reviewed:: 2022-11-14T20:08:14.320Z card-last-score:: 5 - A **Watering Hole** attack consists of injecting malicious code into public web pages of a website that the target visits. - The attackers typically compromise websites within a specific sector that are typically visited by specific individuals of interest for the attacks. - What is **Pharming**? #card card-last-interval:: 2.8 card-repeats:: 2 card-ease-factor:: 2.6 card-next-schedule:: 2022-11-20T04:49:56.535Z card-last-reviewed:: 2022-11-17T09:49:56.536Z card-last-score:: 5 - **Pharming** scams redirect users to a copy of a popular website where personal data such as usernames, passwords, & financial information can be "farmed" & collected for fraudulent use. -