Questions and Answers
What is piggybacking in the context of physical security?
What is the primary goal of password cracking?
What is war dialing?
What is data diddling?
What is cyber-bullying?
What is podslurping?
What is internet terrorism?
What is sexting?
What does a rootkit conceal from the operating system?
What is superzapping?
What is a characteristic that distinguishes a worm from a virus?
What is the main difference between a worm and a virus in terms of replication?
What is bluesnarfing?
What is bluebugging?
Which of the following best defines hacking?
What is the main goal of a ransomware attack?
What does the term 'botnet' refer to?
What is hijacking in the context of computer systems?
What is a bot herder?
What does spamming involve?
What is email spoofing?
What is a Denial-of-Service (DoS) attack designed to do?
What is Internet Auction Fraud?
What does web cramming involve?
Which of the following best describes software piracy?
What does social engineering typically aim to achieve?
What is pretexting in social engineering?
Which technique involves assuming someone's identity for economic gain?
What is posing in the context of social engineering techniques?
Which of the following is NOT a method of social engineering mentioned?
What is the primary goal of phishing?
How does vishing differ from phishing?
What does carding involve?
What is pharming?
What does typosquatting aim to achieve?
What technique involves looking over someone's shoulder in a public place to obtain information?
How does Lebanese Looping trick ATM users?
What is the goal of skimming?
Study Notes
Computer Fraud and Abuse
- Cyberattack: A ransomware attack forced the shutdown of a top US pipeline, Colonial Pipeline. In a ransomware attack, criminal groups hold data hostage until the victim pays a ransom.
Hacking
- Hacking: Unauthorized access, modification, or use of an electronic device or computer system.
- Common passwords: Weak passwords, such as "senha" (a Portuguese word meaning "password"), can be easily exploited.
Malware
- Types of malware:
  - Ransomware: Holds data hostage until the victim pays a ransom.
  - Virus: A self-replicating, executable code that attaches itself to a file or program.
  - Worm: A self-replicating computer program similar to a virus, but with some exceptions (e.g., a virus requires human interaction, whereas a worm does not).
  - Rootkit: Conceals processes, files, network connections, memory addresses, systems utility programs, and system data from the operating system and other programs.
Social Engineering
- Techniques: Used to gain physical or logical access to a building, computer, server, or network.
- Identity theft: Assuming someone's identity, usually for economic gain, by illegally obtaining and using confidential information.
- Pretexting: Using an invented scenario to increase the likelihood that a victim will divulge information or do something.
- Posing: Creating a seemingly legitimate business to collect personal information while making a sale.
- Phishing: Sending an electronic message pretending to be a legitimate company, requesting information or verification of information.
Cybercrime
- Types of cybercrime:
  - Hijacking: Gaining control of a computer to carry out illicit activities without the user's knowledge.
  - Botnet: A powerful network of hijacked computers, used to attack systems or spread malware.
  - Spamming: Sending unsolicited messages to many people at the same time.
  - Spoofing: Making an electronic communication look as if someone else sent it to gain the trust of the recipient.
  - Piggybacking: An unauthorized person following an authorized person through a secure door, bypassing physical security controls.
  - Password cracking: Penetrating a system's defenses, stealing the file containing valid passwords, decrypting them, and using them to gain access to programs, files, and data.
  - War dialing: Programming a computer to dial thousands of phone lines searching for dial-up modem lines.
  - Phreaking: Attacking phone systems.
  - Data diddling: Changing data before or during entry into a computer system.
  - Data leakage: Unauthorized copying of company data.
  - Podslurping: Using a small device with storage capacity to download unauthorized data.
  - Cyber-extortion: Threatening to harm a company or person if a specified amount of money is not paid.
  - Cyber-bullying: Using the Internet, cell phones, or other communication technologies to support deliberate, repeated, and hostile behavior that torments, threatens, harasses, humiliates, embarrasses, or otherwise harms another person.
  - Sexting: Exchanging sexually explicit text messages and revealing pictures.
  - Internet terrorism: Using the Internet to disrupt electronic commerce and communications and to harm computers.
Other Cyber Threats
- Internet misinformation (fake news): Using the Internet to spread false or misleading information.
- Internet auction fraud: Using an Internet auction site to defraud another person.
- Web cramming: Offering a free website for a month, developing a worthless website, and charging the phone bill of the people who accept the offer for months.
- Software piracy: Unauthorized copying or distribution of copyrighted software.
- Bluesnarfing: Stealing contact lists, images, and other data using flaws in Bluetooth applications.
- Bluebugging: Taking control of someone else's phone to make or listen to calls, send or read text messages, connect to the Internet, forward the victim's calls, and call numbers that charge fees.
- Carding: Activities performed on stolen credit cards, including making a small online purchase to determine whether the card is still valid and buying and selling stolen credit card numbers.
- Pharming: Redirecting website traffic to a spoofed website.
- Typosquatting or URL hijacking: Setting up similarly named websites so that users making typographical errors when entering a website name are sent to an invalid site.
- Tabnapping: Secretly changing an already open browser tab.
- Scavenging/Dumpster diving: Searching documents and records to gain access to confidential information.
- Shoulder surfing: Looking over a person's shoulder in a public place to get information such as ATM PIN numbers or user IDs and passwords.
- Lebanese Looping: Inserting a sleeve into an ATM that prevents the ATM from ejecting the card, and then tricking the victim into entering their PIN again.
- Skimming: Double-swiping a credit card in a legitimate terminal or covertly swiping a credit card in a small, hidden, handheld card reader that records credit card data for later use.
Description
This quiz covers the basics of computer fraud and abuse techniques, including social engineering tactics and cyber crime investigation. Learn how to identify and defend against cyber attacks and bring perpetrators to justice.