Social Engineering

Question 1

Manipulative strategy that exploits human psychology to gain unauthorized access to systems, data, or physical spaces. To manipulate users with motivational triggers to execute malicious actions.

Answer 1

Social Engineering

Question 2

The six main types of motivational triggers for social engineering.

Answer 2

1. Authority
2. Urgency
3. Social Proof
4. Scarcity
5. Likability
6. Fear

Question 3

The power or right to give orders, make decisions, & enforce obedience.

Answer 3

Authority

Question 4

Compelling sense of immediacy or time-sensitivity that drives individuals to act swiftly or prioritize certain actions.

Answer 4

Urgency

Question 5

Psychological phenomenon where individuals look to the behaviors & actions of others to determine their own decisions or actions in similar situations.

Answer 5

Social Proof

Question 6

Psychological pressure people feel when they believe a product, opportunity, or resource is limited or in short supply.

Answer 6

Scarcity

Question 7

It is associated with being nice, friendly, & socially accepted by others.

Answer 7

Likability

Question 8

Feeling afraid of someone or something, as likely to be dangerous, painful, or threatening.

Answer 8

Fear

Question 9

An attack where an adversary assumes the identity of another person to gain unauthorized access to resources or steal sensitive data.

Answer 9

Impersonation

Question 10

Specific form of impersonation where an attacker pretends to represent a legitimate company or brand.

Answer 10

Brand Impersonation

Question 11

A form of cyber attack where an attacker registers a domain name that is similar to popular website but contains some kind of common typographical errors.

Answer 11

Typo-squatting

Question 12

A Targeted form of cyber attack where attackers compromise a specific website or service that their target is known to use.

Answer 12

Watering Hole Attacks

Question 13

Creating a fabricated scenario to manipulate targets or impersonating trusted figures to gain trust.

Answer 13

Pretexting

Question 14

Fraudulent attack using deceptive emails from trusted sources to trick individuals into disclosing personal information like passwords & credit card numbers.

Answer 14

Phishing

Question 15

Phone-based attack in which the attacker deceives victims into divulging personal or financial information.

Answer 15

Vishing

Question 16

Attack that uses text messages to deceive individuals into sharing their personal information.

Answer 16

Smishing

Question 17

Form of spear Phishing that targets high-profile individuals, like CEOs or CFOs.

Answer 17

Whaling

Question 18

Used by cyber-criminals who are more tightly focused on a specific group of individuals or organizations.

Answer 18

Spear Phishing

Question 19

An advanced phishing attack that leverages internal email accounts within a company to manipulate employees into carrying out malicious actions for the attacker.

Answer 19

Business Email Compromise

Question 20

Vital tool for educating individuals about phishing risks and how to recognize potential phishing attempts in user security awareness training.

Answer 20

Anti-phishing Campaign

Question 21

The wrongful or criminal deception intended to result in financial or personal gain.

Answer 21

Fraud

Question 22

The use by one person of another person’s personal information, without authorization, to commit a crime or to deceive or defraud that other person or a third person.

Answer 22

Identity Fraud

Question 23

The attacker tries to fully assume the identity of their victim.

Answer 23

Identity Theft

Question 24

A fraudulent or deceptive act or operation.

Answer 24

Scam

Question 25

A scam in which a person is tricked into paying for a fake invoice for a service or product that they did not order.

Answer 25

Invoice Scam

Question 26

Coordinated efforts to affect public perception or behavior towards a particular cause, individual, or group.

Answer 26

Influence Campaign

Question 27

Inaccurate information shared unintentionally.

Answer 27

Misinformation

Question 28

Intentional spread of false information to deceive or mislead.

Answer 28

Disinformation

Question 29

Manipulating a situation or creating a distraction to steal valuable items or information.

Answer 29

Diversion Theft

Question 30

Malicious deception that is often spread through social media, email, or other communication channels.

Answer 30

Hoax

Question 31

Looking over someone's shoulder to gather personal information.

Answer 31

Shoulder Surfing

Question 32

Searching through trash to find valuable information.

Answer 32

Dumpster Diving

Question 33

The process of secretly listening to private conversations. The perpetrator intercepts the communication between two parties without their knowledge.

Answer 33

Eavesdropping

Question 34

Planting a malware-infected device for a victim to find and unintentionally introduce malware to their organization's system.

Answer 34

Baiting