{"id":52,"date":"2023-01-15T20:56:44","date_gmt":"2023-01-15T20:56:44","guid":{"rendered":"https:\/\/justatrainingblog.co.uk\/?p=52"},"modified":"2023-01-16T20:58:19","modified_gmt":"2023-01-16T20:58:19","slug":"module-1-0-compare-and-contrast-different-types-of-social-engineering-techniques","status":"publish","type":"post","link":"https:\/\/justatrainingblog.co.uk\/?p=52","title":{"rendered":"Module 1.1 &#8211; Compare and contrast different types of social engineering techniques."},"content":{"rendered":"\n<p><\/p>\n\n\n\n<p><span style=\"text-decoration: underline;\">Social Engineering Techniques<\/span><\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Phishing<\/td><td><em>Phishing<\/em>&nbsp;attacks are the practice of sending fraudulent communications that appear to come from a reputable source.<\/td><\/tr><tr><td>Typo-Squatting<\/td><td>Using domains with very similar names as legitimate ones to capitalise on spelling mistakes<\/td><\/tr><tr><td>Pretexting<\/td><td>A phishing attempt with a fabricated &#8216;pretext&#8217; for why you should do what they say<br>(e.g. we&#8217;re calling from Visa, someone has been using your card, for verification give us your account number&#8230;)<\/td><\/tr><tr><td>Pharming<\/td><td>Directing users to malicious websites through no interaction of their own. Could be caused by malware re-directing requests, client vulnerabilities and Poisoned DNS<\/td><\/tr><tr><td>Vishing<\/td><td>Phishing over phone or voicemail<\/td><\/tr><tr><td>Smishing<\/td><td>Phishing over SMS<\/td><\/tr><tr><td>Spear Phishing<\/td><td>Email or electronic communications scam targeted towards a specific individual, organisation or business<\/td><\/tr><tr><td>Whaling<\/td><td>Spear Phishing but targeted at high value targets (e.g. 
CEOs)<\/td><\/tr><tr><td>Impersonation<\/td><td>When an attacker pretends to be something they aren&#8217;t; often tailored based on reconnaissance<\/td><\/tr><tr><td>Hoaxing<\/td><td>Phishing based on a non-existent threat<\/td><\/tr><tr><td>Watering Hole Attack<\/td><td>Infiltrating a third party which is commonly accessed by the target<\/td><\/tr><tr><td>SPIM<\/td><td>Spam over Instant Messaging<\/td><\/tr><tr><td>rDNS<\/td><td>Registered DNS &#8211; Blocks emails if the sender&#8217;s domain doesn&#8217;t match the IP address<\/td><\/tr><tr><td>Tarpitting<\/td><td>Intentionally slows the internal mail server when an abnormal email is detected. This in turn slows the attacker&#8217;s mail server, acting as a deterrent.<\/td><\/tr><tr><td>Recipient Filtering<\/td><td>Rejecting all emails not addressed to a valid recipient email address<\/td><\/tr><tr><td>Influence Campaign<\/td><td>Attempts to sway public opinion<\/td><\/tr><tr><td>Tailgating<\/td><td>Following people into secure access areas, piggybacking off their access<\/td><\/tr><tr><td>Invoice Scam<\/td><td>Sending a legitimate-looking invoice to trick a company into sending money or to harvest bank details.<\/td><\/tr><tr><td>Credential Harvesting<\/td><td>Password harvesting. 
Often done via a macro to harvest saved passwords.<\/td><\/tr><\/tbody><\/table><figcaption class=\"wp-element-caption\"><span style=\"text-decoration: underline;\">Impersonation questions<\/span><\/figcaption><\/figure>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>Common ways to detect phishing?<\/td><td>&#8211; Incorrect URLs<br>&#8211; Grammar inconsistencies<br>&#8211; Images instead of text<\/td><\/tr><tr><td>What is commonly done to increase the chances of success in Smishing\/Vishing?<\/td><td>&#8211; Spoofing the telephone number<\/td><\/tr><tr><td>What increases the chances of Phishing succeeding?<\/td><td>&#8211; Reconnaissance<\/td><\/tr><tr><td>Where is information for reconnaissance commonly gathered?<\/td><td>&#8211; Lead generation sites<br>&#8211; Social media<br>&#8211; Corporate websites<\/td><\/tr><tr><td>What happens after the reconnaissance stage of a Phishing attack?<\/td><td>&#8211; The attacker uses the gathered information to build a believable pretext<\/td><\/tr><tr><td>What common information is used in a phishing pretext after reconnaissance?<\/td><td>1. Where you work<br>2. Where you bank<br>3. Recent financial transactions<br>4. Family &amp; friends<\/td><\/tr><tr><td>What are common impersonation ploys?<\/td><td>1. Tech support<br>2. Government<br>3. Banks<br>4. Higher ranks in the organisation<\/td><\/tr><tr><td>What is a common hoaxing method?<\/td><td>A threat, for example unpaid tax which must be paid immediately in gift cards, otherwise the victim will be arrested.<\/td><\/tr><tr><td>How do you prevent watering hole attacks?<\/td><td>1. Defence-in-depth<br>2. Firewalls \/ IPS<br>3. Anti-virus &amp; anti-malware updates<\/td><\/tr><tr><td>Where do you commonly receive spam?<\/td><td>1. Email<br>2. Text<br>3. Forums<\/td><\/tr><tr><td>What are the four organisational impacts of SPAM?<\/td><td>1. Security concerns<br>2. Resource utilisation<br>3. Storage costs<br>4. 
Managing spam<\/td><\/tr><tr><td>What are the two common types of SPAM?<\/td><td>1. Phishing<br>2. Advertising<\/td><\/tr><tr><td>Where is SPAM typically blocked?<\/td><td>1. Firewall<br>2. Cloud spam filter<\/td><\/tr><tr><td>How can you prevent SPAM?<\/td><td>&#8211; An allow list which only accepts emails from trusted senders<br>&#8211; SMTP standard checking<br>&#8211; Registered DNS (rDNS)<br>&#8211; Tarpitting<br>&#8211; Recipient filtering<\/td><\/tr><tr><td>How does an Invoice Scam work?<\/td><td>Uses spear phishing to gather info.<br>Based on the reconnaissance results, generates a legitimate-looking invoice, which is paid because it appears to come from a trusted company.<\/td><\/tr><tr><td>Who is the usual culprit of influence campaigns?<\/td><td>Nation-state actors<\/td><\/tr><tr><td>What are the principles of Social Engineering?<\/td><td>1. Authority<br>2. Intimidation<br>3. Consensus<br>4. Scarcity<br>5. Urgency<br>6. Familiarity<br>7. Trust<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Social Engineering Techniques Phishing Phishing&nbsp;attacks are the practice of sending fraudulent communications that appear to come from a reputable 
source&#8230;.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-52","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/52","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=52"}],"version-history":[{"count":2,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/52\/revisions"}],"predecessor-version":[{"id":57,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/52\/revisions\/57"}],"wp:attachment":[{"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=52"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=52"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/justatrainingblog.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=52"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}