This set of flashcards covers the vocabulary and technical concepts discussed in the lecture, specifically focusing on the types and life cycle of phishing attacks as well as the cryptographic components of the Signal Protocol.
Phishing
A form of social engineering masquerading as a trustworthy entity to steal credentials, data, and money by exploiting human trust and cognitive bias.
Deceptive Phishing
The most common form of phishing involving mass emails that impersonate well-known brands to trick users into resetting passwords or accounts.
Spear Phishing
A dangerous, targeted attack where attackers harvest personal information from social media to craft emails appearing to come from a known, trustworthy source.
BEC (Business Email Compromise)
An attack where the sender impersonates a high-authority figure, such as a CEO, to gain information from organization employees.
Smishing
Phishing attacks delivered via SMS text messages, often appearing to come from banks or delivery services to exploit high open rates.
AI Phishing
A type of phishing that utilizes large language models to produce grammatically perfect and personalized messages at scale, eliminating traditional red flags like spelling errors.
Pharming
A technical phishing method that compromises DNS servers to silently redirect users from legitimate websites to fake pages.
Reconnaissance
The preliminary information-gathering phase where cyber attackers survey targeted systems, networks, or personnel to identify vulnerabilities.
Weaponization
The phase of an attack where a perpetrator registers look-alike domains and builds convincing replicas of legitimate sites or emails.
Sender Policy Framework (SPF)
A technical control used to authenticate the sender of an email and block spoofing attempts.
Cantina
A machine learning-based system with an accuracy of 95% that analyzes URL features, page content, and email headings to detect phishing.
Content Watermarking
The practice of embedding invisible digital signatures into website elements (CSS or HTML) to help users or browser extensions verify the legitimacy of a site.
Visual Cryptography
A hybrid prevention framework where time-sensitive images or captchas are split into two shapes to secure user credentials.
Signal Protocol
A non-federated cryptographic protocol that provides end-to-end encryption for voice, video, and instant messaging conversations.
End-to-End Encryption
A security system where messages are encrypted on the sender's device and can only be decrypted by the intended recipient, making them unreadable to the server.
Forward Secrecy
A security property ensuring that past messages remain secure and cannot be decrypted even if future keys are compromised.
Post-Compromise Security
Also known as self-healing, this property ensures that future messages are protected from an adversary who has previously compromised a connection or device.
Extended Triple Diffie-Hellman (X3DH)
A key exchange protocol used for the initial handshake and mutual authentication between two parties to establish a shared secret key, even when one is offline.
Double Ratchet Algorithm
A protocol that updates and refreshes encryption keys for every single message sent or received during a conversation.
Key Derivation Function (KDF)
A cryptographic function that takes a secret key and input data to return output data that replaces the KDF key or serves as an output key.
PQXDH (Post-Quantum Extended Triple Diffie-Hellman)
An additional round of key agreement designed to stand up to quantum attacks during the session-initiating handshake.
SPQR (Sparse Post-Quantum Ratchet)
A regularly advancing post-quantum ratchet that provides forward secrecy and post-compromise security in a quantum-safe manner.