Tailgating
A physical entry attack that requires simply following someone who has authorized access to an area, so that as they open secured doors you can pass through as well. Defense: ask for credentials, or report the intrusion.
Vishing
Phishing attacks committed using telephone calls or VoIP systems.
Whaling
Targets senior employees like CEOs and CFOs "big fish"
Shoulder Surfing
The process of looking over a person's shoulder to capture information like passwords or other data. Similar attacks, such as watching a mirror behind a person entering their credentials, would also be BLANK. Defense: awareness, and privacy screen filters on mobile devices and laptops used in public places.
Pretexting
process of using a made-up scenario to justify why you are approaching an individual. often used as part of impersonation efforts to make the impersonator more believable Defense: an aware target can ask questions or require verification that can help defeat pretexting and impersonation attacks
MD5 (Message Digest 5)
A hashing function used to provide integrity. BLANK produces a 128-bit digest. A hash is simply a number created by applying the algorithm to a file or message; hashes computed at different times are compared to each other to verify that integrity has been maintained. Caveat: practical collision attacks against MD5 have existed for years, so it is only suitable for detecting accidental change, not for resisting an attacker who can substitute a colliding file; use SHA-256 or stronger where an adversary is in scope.
John the ripper
Password-cracking program
-runs automated dictionary (wordlist) attacks
-takes a large dictionary file, runs the same hash function on each entry (optionally with mangling rules such as capitalization or appended digits), then looks for matches against the captured password hashes
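The two cards above (MD5 for integrity, and John the Ripper's wordlist mode) describe the same primitive used two ways: hash data and compare digests. The following is an added example, not code from the page or from John the Ripper itself; the message, the "leaked" hash list and the wordlist are all constructed for the demonstration. It verifies a message's integrity with MD5, then runs a small wordlist-with-rules attack against unsalted MD5 password hashes to show why a fast, unsalted hash falls quickly.

```python
import hashlib

# Constructed sample message and a tampered copy (not from the page).
MESSAGE = b"Wire $12,000 to account 4455-1234 by Friday."
TAMPERED = b"Wire $21,000 to account 4455-9999 by Friday."


def md5_hex(data: bytes) -> str:
    """Return the 128-bit MD5 digest as 32 hexadecimal characters."""
    return hashlib.md5(data).hexdigest()


def integrity_ok(data: bytes, expected_digest: str) -> bool:
    """Recompute the digest now and compare it with the one recorded earlier."""
    return md5_hex(data) == expected_digest


# Constructed "leaked" credential dump: username -> unsalted MD5 of the password.
LEAKED_HASHES = {
    "alice": md5_hex(b"password"),
    "bob": md5_hex(b"Summer2024"),
    "carol": md5_hex(b"4gH#x9!qLz"),  # strong; not derivable from the wordlist
}

# Constructed wordlist; real attacks use lists with millions of entries.
WORDLIST = ["password", "letmein", "summer", "welcome"]


def mangle(word: str):
    """Yield candidates derived from one word, mimicking simple cracking rules."""
    yield word
    yield word.capitalize()
    for year in ("2023", "2024"):
        yield word + year
        yield word.capitalize() + year


def dictionary_attack(hashes: dict, wordlist) -> dict:
    """Hash every candidate once and look it up against every target hash.

    Because the hashes are unsalted, one hash computation per candidate
    tests it against all users at once; salting removes that shortcut.
    """
    targets = {digest: user for user, digest in hashes.items()}
    cracked = {}
    for word in wordlist:
        for candidate in mangle(word):
            digest = md5_hex(candidate.encode())
            if digest in targets:
                cracked[targets[digest]] = candidate
    return cracked


if __name__ == "__main__":
    recorded = md5_hex(MESSAGE)
    print("original intact:", integrity_ok(MESSAGE, recorded))
    print("tampered intact:", integrity_ok(TAMPERED, recorded))
    print("cracked:", dictionary_attack(LEAKED_HASHES, WORDLIST))
```

Only the accounts whose passwords are a wordlist entry (possibly after a rule) are recovered; the strong random password is not. Note that the attack cost is dominated by how cheap MD5 is to compute, which is why password storage should use a salted, deliberately slow function instead.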
Malicious flash drive
-penetration testers and attackers may drop drives in locations where they are likely to be picked up and plugged in by unwitting victims at the target organization, e.g. a parking lot
Watering Holes
Do not redirect users; instead, they use websites that targets frequent to attack them. Frequently visited sites act like BLANK for animals and allow the attackers to stage an attack, knowing that the victims will visit the site. A malicious attack directed toward a small group of specific individuals who visit the same website.
Typosquatting
A problem that occurs when someone registers purposely misspelled variations of well-known domain names
-relies on the fact that people will mistype URLs and end up at the attacker's website, thus driving ad traffic and sometimes sales of similar but not legitimate products
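Defenders counter typosquatting by generating the same variants an attacker would register and then either registering them defensively or watching for them in DNS and proxy logs. This is an added example rather than code from the page; the adjacent-key table is a constructed QWERTY subset and the "observed" domain list is made up for the demonstration.

```python
# Constructed partial QWERTY adjacency table; a real tool covers every key.
ADJACENT = {
    "a": "qwsz", "e": "wrds", "i": "uojk", "o": "iplk",
    "l": "kop", "m": "njk", "p": "ol", "x": "zsdc",
}

# Alternate top-level domains commonly registered by squatters.
ALT_TLDS = ("co", "cm", "net", "org")


def typo_variants(domain: str) -> set:
    """Return lookalike domains built from common typing mistakes.

    Covers omission, transposition, repetition, adjacent-key substitution
    and TLD swap; the legitimate domain itself is never included.
    """
    name, _, tld = domain.lower().rpartition(".")
    names = set()
    for i in range(len(name)):
        names.add(name[:i] + name[i + 1:])                 # omission: exmple
        names.add(name[:i] + name[i] + name[i:])           # repetition: exxample
        for near in ADJACENT.get(name[i], ""):
            names.add(name[:i] + near + name[i + 1:])      # adjacent key: exanple
    for i in range(len(name) - 1):
        names.add(name[:i] + name[i + 1] + name[i] + name[i + 2:])  # transposition
    names.discard(name)
    variants = {n + "." + tld for n in names}
    variants |= {name + "." + alt for alt in ALT_TLDS if alt != tld}
    return variants


def flag_lookalikes(observed: list, legit: str) -> set:
    """Return observed hostnames that are typo variants of the legitimate domain."""
    lookalikes = typo_variants(legit)
    return {h.lower() for h in observed if h.lower() in lookalikes}


# Constructed sample of hostnames as they might appear in a proxy log.
OBSERVED = ["example.com", "exmaple.com", "cdn.vendor.example", "example.co", "examp1e.com"]

if __name__ == "__main__":
    print(sorted(flag_lookalikes(OBSERVED, "example.com")))
```

The digit-substitution lookalike in the sample (examp1e.com) is not caught because the generator above covers only keyboard mistakes; homoglyph and digit swaps are a separate rule set worth adding when monitoring rather than defensively registering.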
Dumpster diving
Retrieving potentially sensitive information from a dumpster; can provide a treasure trove of information about an organization, including documentation and notes. Defense: shred sensitive material and throw out only actual trash.
skimming
Attacks that use hidden or fake readers, or social engineering combined with hand-held readers, to capture (skim) cards and then employ cloning tools to use the credit cards or entry access cards for the attacker's own purposes.
Spam over Instant Messaging (spim)
Refers to unsolicited instant messages.
Supply chain attack
An attempt to compromise devices, systems, or software before they even reach the organization. The Trusted Foundry program, under the auspices of the U.S. Department of Defense, ensures that the supply chain for classified and unclassified integrated circuits, devices, and other critical elements is secure, and that manufacturers stay in business and are protected appropriately so that trusted devices remain trusted.
Pharming
Redirects traffic away from legitimate websites to malicious versions
-requires a successful technical attack that changes DNS entries on a local PC (its hosts file or resolver settings) or on a trusted local DNS server, allowing the traffic to be redirected
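One local pharming vector is an override planted in the hosts file, which is consulted before any DNS query. The check below is an added example, not code from the page: it parses a constructed hosts file and flags any entry that overrides a domain the organization cares about. The watched-domain list and the sample file contents are assumptions made for the demonstration.

```python
import ipaddress

# Constructed hosts file contents; the 192.0.2.10 line is the planted override.
HOSTS_SAMPLE = """\
# constructed sample for the example
127.0.0.1   localhost
::1         localhost
192.0.2.10  www.examplebank.com   # pins the bank to an attacker-chosen address
10.0.0.5    intranet.corp.example
not-an-ip   login.example.com
"""

# Domains that should never appear in a workstation's hosts file.
WATCHED = {"www.examplebank.com", "login.example.com", "mail.example.com"}


def parse_hosts(text: str) -> list:
    """Return (address, hostname) pairs, ignoring comments and blank lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        for host in parts[1:]:
            entries.append((parts[0], host.lower()))
    return entries


def find_pharming_entries(text: str, watched: set) -> list:
    """Flag watched domains pinned in the hosts file, plus malformed addresses.

    A legitimate site should resolve through DNS, so any hosts-file entry for
    a watched name is suspicious regardless of the address it points to.
    """
    findings = []
    for addr, host in parse_hosts(text):
        try:
            ipaddress.ip_address(addr)
        except ValueError:
            findings.append((addr, host, "malformed address"))
            continue
        if host in watched:
            findings.append((addr, host, "watched domain overridden"))
    return findings


if __name__ == "__main__":
    # On a real system read /etc/hosts or
    # C:\Windows\System32\drivers\etc\hosts instead of HOSTS_SAMPLE.
    for finding in find_pharming_entries(HOSTS_SAMPLE, WATCHED):
        print(finding)
```

This catches only the local-PC variant; an override on a trusted DNS server is invisible to the client's hosts file and has to be detected by comparing the resolver's answers against a known-good source.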
Authority
Relies on the fact that most people will obey someone who appears to be in charge or knowledgeable, regardless of whether or not they actually are
Consensus-based social Engineering
Uses the fact that people tend to want to do what others are doing to persuade them to take an action, e.g. pointing out that everyone else in a department has already clicked on a link, or providing a fake testimonial; AKA "social proof"
Scarcity
make something more desirable because it may be the last one available
Trust
Relies on a connection with the individual being targeted. Unlike familiarity, which relies on targets thinking that something is normal and thus familiar, social engineers who use this technique work to build a connection with their targets so that the targets will take the desired actions.
hybrid warfare
Competition short of conflict, which may include active measures like cyberwarfare as well as propaganda and information warfare. Most likely to be used by a nation-state actor.
Credential Harvesting
The process of gathering valid usernames, passwords, private emails, and email addresses through infrastructure breaches.
-enables further attacks, with financial attacks a top target
-defense: multifactor authentication (MFA), user awareness
hoaxes
intentional falsehoods, come in variety of forms ranging from virus BLANK to fake news. Social media plays a large role in modern BLANK
Reconnaissance
Gathering information using phone calls, email, and other means of contact to elicit more information about a target than is publicly available
invoice scams
Involve sending fake invoices to organizations in the hope of receiving payment. Invoices can be physical or electronic, and the scam relies on the recipient not checking whether the invoice is legitimate.
Smishing
Phishing attacks committed using text messages (SMS).
Eliciting information (elicitation)
Technique used to gather information without targets realizing they are providing it: flattery, feigned ignorance, acting as a counselor or sounding board
Prepending
1. Adding an expression or phrase, such as adding "SAFE" to a set of email headers, to attempt to fool a user into thinking the message has passed an antispam tool
2. Adding information as part of another attack to manipulate the outcome
3. Suggesting topics via a social engineering conversation to lead a target toward related information the social engineer is looking for
Urgency
Relies on creating a feeling that the action must be taken quickly for some reason
Familiarity-based attacks
Rely on the target liking the individual, or even the organization the individual claims to represent
Spear Phishing
targets specific individuals or groups in an organization in an attempt to gather desired information or access
Principles of Social Engineering
Authority: relies on the fact that most people will obey someone who appears to be in charge or knowledgeable, regardless of whether or not they actually are
Intimidation: relies on scaring or bullying an individual into taking a desired action; those that are targeted will feel threatened and respond by doing what the social engineer wants them to do
Consensus-based social engineering: uses the fact that people tend to want to do what others are doing to persuade them to take an action, e.g. pointing out that everyone else in a department has already clicked on a link, or providing a fake testimonial; AKA "social proof"
Scarcity: makes something more desirable because it may be the last one available
Familiarity-based attacks: rely on the target liking the individual, or even the organization the individual claims to represent
Trust: relies on a connection with the individual being targeted; unlike familiarity, it requires work to build a connection with the target so that they will take the desired actions
Urgency: relies on creating a feeling that the action must be taken quickly for some reason