1.1 -different types of social engineering techniques

Subdecks (1)

Typosquatting - URL Hijacking eg: google.com vs g00gle.com
Pretexting - Lying to get your info; actor and a story
Pharming - Poisoned DNS server, redirects a legit website to a bogus site
Vishing - Voice phishing, often spoofed numbers
Smishing - SMS phishing, spoofing here too (text messages)
Spear Phishing - Targeted phishing
Whaling - Spear phishing the CEO or other "large catch" (C level)
Eliciting Information - Extracting information from the victim, often used with vishing
Computer Hoaxes - A threat that doesn't exist
Watering Hole Attack - It targets groups of users by infecting websites that they commonly visit
Defense in Depth - Layered defense
Spam - Unsolicited messages
Spim - Spam over instant messaging
Mail Gateway - On-site or cloud-based filter for unsolicited email
Tarpitting - Slow down the server conversation intentionally
Credential Harvesting - Attacker collects usernames and passwords
Social Engineering principles: Authority, Intimidation, Social proof/Consensus, Scarcity, Urgency, Familiarity/Liking, Trust