Social engineering

    Cards (18)

    • What is pharming?
      Redirecting users to fraudulent websites
    • How is pharming typically achieved?
      By tampering with DNS resolution: poisoning a resolver's cache, editing the victim's hosts file, or changing the DNS servers configured on the victim's machine or home router
    • What happens when a user types a banking URL in a pharming attack?
      The correctly typed hostname resolves to an attacker-controlled address, so the browser loads a fake site even though the user made no mistake
    • What are the prevention methods for pharming?
      • Website Verification: Check for HTTPS with a certificate issued for the expected domain and never click through a browser certificate warning; a site reached by redirected DNS cannot present a valid certificate for the real hostname
      • Antimalware Tools: Use software that detects malware rewriting the hosts file or resolver settings
      • Secure Access: Avoid public Wi-Fi for sensitive information, since a rogue access point can hand out attacker-controlled DNS servers over DHCP
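The two local tampering routes named above (a rewritten hosts file and an altered resolver list) can be checked for directly. The following is an added example, not part of the original card deck: it parses hosts-file and resolv.conf-style text passed in as strings, so it runs offline, and reports any override of a protected domain or any nameserver outside an expected set. The domain names, resolver addresses and sample file contents are constructed for illustration.

```python
"""Detect local DNS tampering of the kind pharming malware performs.

Added example, not part of the original card deck. Protected domains,
trusted resolver addresses and the sample files below are constructed.
"""
import ipaddress
import re

# Domains that must never be overridden locally (constructed).
PROTECTED_DOMAINS = {"bank.example", "login.example.com"}

# Resolvers the endpoint is expected to use (constructed addresses).
TRUSTED_RESOLVERS = {"10.0.0.53", "10.0.1.53"}


def _matches_protected(name: str) -> bool:
    """True if name is a protected domain or a subdomain of one."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in PROTECTED_DOMAINS)


def parse_hosts(text: str):
    """Yield (address, hostname) pairs from hosts-file text, skipping comments."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop trailing comments
        if not line:
            continue
        fields = line.split()
        address, hostnames = fields[0], fields[1:]
        try:
            ipaddress.ip_address(address)
        except ValueError:
            continue   # malformed line; the resolver would not honour it either
        for host in hostnames:
            yield address, host


def parse_resolvers(text: str):
    """Yield nameserver addresses from resolv.conf-style text."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = re.match(r"nameserver\s+(\S+)", line)
        if m:
            yield m.group(1)


def find_pharming_indicators(hosts_text: str, resolv_text: str) -> list:
    """Return human-readable findings; an empty list means nothing suspicious."""
    findings = []
    for address, host in parse_hosts(hosts_text):
        if _matches_protected(host):
            findings.append(f"hosts override: {host} -> {address}")
    for resolver in parse_resolvers(resolv_text):
        if resolver not in TRUSTED_RESOLVERS:
            findings.append(f"untrusted resolver: {resolver}")
    return findings


# Constructed sample input: a legitimate internal alias plus one injected line.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost
# legitimate internal alias
10.0.5.20   wiki.corp.example
203.0.113.7 bank.example www.bank.example   # injected by malware (constructed)
"""

SAMPLE_RESOLV = """\
search corp.example
nameserver 10.0.0.53
nameserver 198.51.100.9
"""

if __name__ == "__main__":
    for finding in find_pharming_indicators(SAMPLE_HOSTS, SAMPLE_RESOLV):
        print(finding)
```

Run against the sample data it reports the two overridden bank hostnames and the unexpected second nameserver; the localhost entries and the internal alias are left alone. In production the same functions would be fed the real files (for example /etc/hosts and /etc/resolv.conf on Linux) from an endpoint agent.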
    • What does phishing involve?
      Fraudulent communication to steal sensitive data
    • What is a common example of phishing?
      An email impersonating IT support
    • What are the prevention methods for phishing?
      • Email Filters: Use spam and phishing filters that check sender authentication and look for spoofed display names, mismatched links and lookalike domains
      • Training: Educate employees on identifying phishing attempts and on how to report them
      • Multi-Factor Authentication (MFA): Require MFA for account access, preferably a phishing-resistant method such as FIDO2 security keys or passkeys, since one-time codes can be relayed by a real-time phishing proxy
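The filter heuristics mentioned above can be illustrated on a raw message. This is an added example, not part of the original card deck: it parses an RFC 5322 message with the standard library and flags a Reply-To domain that differs from the From domain, a display name that borrows the organisation's name while the address is external, links whose visible text names a different host than the real target, punycode (xn--) hosts, and urgency wording. The organisation domain, sender addresses and both sample messages are constructed.

```python
"""Score an e-mail for common phishing indicators.

Added example, not from the original card deck. TRUSTED_DOMAIN, the
keyword list and the sample messages are constructed for illustration.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_DOMAIN = "corp.example"      # the organisation's own mail domain (constructed)
URGENCY = ("urgent", "immediately", "suspended", "verify your account")


def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _body_text(msg) -> str:
    parts = msg.walk() if msg.is_multipart() else [msg]
    chunks = []
    for part in parts:
        if part.get_content_type() in ("text/plain", "text/html"):
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def phishing_indicators(raw_message: str) -> list:
    """Return a list of indicator strings; an empty list means none matched."""
    msg = message_from_string(raw_message)
    hits = []
    display, from_addr = parseaddr(msg.get("From", ""))
    from_dom = _domain(from_addr)
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and _domain(reply_addr) != from_dom:
        hits.append(f"Reply-To domain {_domain(reply_addr)} differs from From domain {from_dom}")
    # Display name borrows the organisation's name but the address is external.
    if TRUSTED_DOMAIN.split(".")[0] in display.lower() and from_dom != TRUSTED_DOMAIN:
        hits.append(f"display name '{display}' impersonates {TRUSTED_DOMAIN} from {from_dom}")
    body = _body_text(msg)
    collector = _LinkCollector()
    collector.feed(body)
    for href, text in collector.links:
        host = (urlparse(href).hostname or "").lower()
        if host.startswith("xn--") or ".xn--" in host:
            hits.append(f"punycode host in link: {host}")
        m = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", text.lower())
        if m and m.group(1) != host and not host.endswith("." + m.group(1)):
            hits.append(f"link text shows {m.group(1)} but points to {host}")
    found = [w for w in URGENCY if w in (msg.get("Subject", "") + " " + body).lower()]
    if len(found) >= 2:
        hits.append("urgency wording: " + ", ".join(found))
    return hits


# Constructed sample: an IT-support impersonation with a lookalike link.
SAMPLE_PHISH = """\
From: "Corp IT Support" <helpdesk@corp-example-support.net>
Reply-To: reset@mail-reset.example
To: alice@corp.example
Subject: URGENT: your account will be suspended
Content-Type: text/html

<html><body>
<p>Your password expires today. Verify your account immediately:</p>
<a href="http://xn--crp-example-9eb.net/reset">https://corp.example/reset</a>
</body></html>
"""

# Constructed sample: an ordinary internal message.
SAMPLE_OK = """\
From: "Bob" <bob@corp.example>
To: alice@corp.example
Subject: lunch
Content-Type: text/plain

See https://wiki.corp.example/menu for today's options.
"""

if __name__ == "__main__":
    for name, sample in (("phish", SAMPLE_PHISH), ("ok", SAMPLE_OK)):
        print(name, phishing_indicators(sample))
```

The impersonation sample trips all five checks; the internal message trips none. A real filter would combine such heuristics with SPF, DKIM and DMARC results and URL reputation rather than rely on keyword matching alone.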
    • What is blagging also known as?
      Pretexting
    • What does blagging involve?
      Creating a false scenario to obtain information
    • What is an example of blagging?
      A caller pretending to be a bank employee
    • What are the prevention methods for blagging?
      • Identity Verification: Verify identities through an independent channel, for example by calling back on a number from the official website rather than one the caller supplies
      • Strict Policies: Implement guidelines for handling sensitive information, including what may never be disclosed over the phone or by email
      • User Access Rights/Control: Limit access to necessary data only, so a successful pretext yields as little as possible
    • What is shoulder surfing?
      Watching someone's screen or keyboard directly, or through a camera, to capture what they type or view
    • What is a common example of shoulder surfing?
      An attacker observing a password entry
    • What are the prevention methods for shoulder surfing?
      • Screen Privacy Filters: Use privacy screens on monitors
      • Secure Workspaces: Design office layouts to reduce risk
      • Employee Awareness: Train employees to be cautious in public
    • What does baiting involve?
      Enticing victims with a malicious item
    • What is a common example of baiting?
      A USB drive labeled "Confidential"
    • What are the prevention methods for baiting?
      • Device Policies: Block unauthorized USB devices with an allowlist and disable autorun
      • Education: Warn employees never to plug in unknown devices and to hand found media to security
      • Endpoint Protection: Use software that scans removable media for malware before files are opened
    • What are general strategies for organizations to prevent social engineering risks?
      • Security Awareness Training: Regularly educate employees
      • Simulated Attacks: Conduct phishing tests
      • Strong Authentication: Enforce multi-factor authentication
      • Incident Response Plan: Establish reporting procedures
      • Access Controls: Implement role-based access control
      • Regular Updates: Keep systems updated
      • Secure Communication: Use encrypted channels
      • Monitoring and Auditing: Detect unusual behavior
      • Physical Security: Restrict access to sensitive areas