Module 1.1 – Compare and contrast different types of social engineering techniques.
January 15, 2023
Uncategorized
Social Engineering Techniques
| Technique | Description |
| --- | --- |
| Phishing | The practice of sending fraudulent communications that appear to come from a reputable source. |
| Typo-Squatting | Using domains with names very similar to legitimate ones to capitalise on spelling mistakes. |
| Pretexting | A phishing attempt with a fabricated ‘pretext’ for why you should do what they say (e.g. “we’re calling from Visa, someone has been using your card, for verification give us your account number…”). |
| Pharming | Directing users to malicious websites through no interaction of their own. Can be caused by malware redirecting requests, client vulnerabilities or poisoned DNS. |
| Vishing | Phishing over phone or voicemail. |
| Smishing | Phishing over SMS. |
| Spear Phishing | An email or electronic communications scam targeted at a specific individual, organisation or business. |
| Whaling | Spear phishing targeted at high-value targets (e.g. CEOs). |
| Impersonation | When an attacker pretends to be something they aren’t; often tailored based on reconnaissance. |
| Hoaxing | Phishing based on a non-existent threat. |
| Watering Hole Attack | Infiltrating a third party which is commonly accessed by the target. |
| SPIM | Spam over Instant Messaging. |
| rDNS | Registered DNS – blocks emails if the sender’s domain doesn’t match the IP address. |
| Tarpitting | Intentionally slows the internal mail server when an abnormal email is detected. This in turn slows the attacker’s mail server, acting as a deterrent. |
| Recipient Filtering | Rejecting all emails not addressed to a valid recipient email address. |
| Influence Campaign | Attempts to sway public opinion. |
| Tailgating | Following people into secure access areas, piggybacking off their access. |
| Invoice Scam | Sending a legitimate-looking invoice to trick a company into sending money or to harvest bank details. |
| Credential Harvesting | Password harvesting. Often done via a macro that harvests saved passwords. |
| Question | Answer |
| --- | --- |
| What are common ways to detect phishing? | – Incorrect URLs – Grammar inconsistencies – Images instead of text |
| What is commonly done to increase the success chances of Smishing/Vishing? | – Spoofing the telephone number |
| What increases the chances of phishing succeeding? | – Reconnaissance |
| Where is information for reconnaissance commonly gathered? | – Lead generation sites – Social media – Corporate websites |
| What happens after the reconnaissance stage of a phishing attack? | – The attacker uses the gathered information to build a believable pretext |
| What common information is used in a phishing pretext after reconnaissance? | 1. Where you work 2. Where you bank 3. Recent financial transactions 4. Family & friends |
| What are common impersonation ploys? | 1. Tech support 2. Government 3. Banks 4. Higher ranks in the organisation |
| What is a common hoaxing method? | A threat, for example unpaid tax which must be paid immediately in gift cards or the victim will be arrested. |
| How do you prevent watering hole attacks? | 1. Defence-in-depth 2. Firewalls / IPS 3. Anti-virus & anti-malware updates |
| Where do you commonly receive spam? | 1. Email 2. Text 3. Forums |
| What are the four organisational impacts of spam? | 1. Security concerns 2. Resource utilisation 3. Storage costs 4. Managing spam |
| What are the two common types of spam? | 1. Phishing 2. Advertising |
| Where is spam typically blocked? | 1. Firewall 2. Cloud spam filter |
| How can you prevent spam? | – An allowed list which only permits emails from trusted senders – SMTP standard checking – Registered DNS (rDNS) – Tarpitting – Recipient filtering |
| How does an invoice scam work? | Uses spear phishing to gather information. Based on the reconnaissance results, the attacker generates a legitimate-looking invoice, which is paid because it appears to come from a trusted company. |
| Who is the usual culprit behind influence campaigns? | Nation-state actors |
| What are the principles of social engineering? | 1. Authority 2. Intimidation 3. Consensus 4. Scarcity 5. Urgency 6. Familiarity 7. Trust |