Certified Cybersecurity Technician Exam 212-82 PDF
EC-Council
Summary
This document explains social engineering attacks, including reverse social engineering, piggybacking, tailgating, hoax letters, instant chat messengers, and spam emails. It details how attackers use these methods to gain access to information or systems.
Certified Cybersecurity Technician Information Security Attacks Exam 212-82

Reverse Social Engineering, Piggybacking, and Tailgating

- Reverse Social Engineering: The attacker presents him/herself as an authority and the target seeks his or her advice before or after offering the information that the attacker needs.
- Piggybacking: An authorized person intentionally or unintentionally allows an unauthorized person to pass through a secure door, e.g., "I forgot my ID badge at home. Please help me."
- Tailgating: The attacker, wearing a fake ID badge, enters a secured area by closely following an authorized person through a door that requires key access.

Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Reverse Social Engineering

Generally, reverse social engineering is difficult to carry out, primarily because it requires a lot of preparation and skill. In reverse social engineering, a perpetrator assumes the role of a knowledgeable professional so that the organization's employees ask them for information. The attacker usually manipulates questions to draw out the required information. First, the social engineer causes an incident, creating a problem, and then presents themselves as the problem solver through general conversation, encouraging employees to ask questions. For example, an employee may ask how this problem has affected files, servers, or equipment. This provides pertinent information to the social engineer. Many different skills and experiences are required to carry out this tactic successfully. Some of the techniques involved in reverse social engineering are:

- Sabotage: Once the attacker gains access, they corrupt the workstation or make it appear corrupted. Under such circumstances, users seek help as they face problems.
- Marketing: To ensure that the user calls the attacker, the attacker must advertise. The attacker can do this either by leaving their business card in the target's office or by placing their contact number on the error message itself.
- Support: Even if the attacker has already acquired the desired information, they may continue to assist the users so that they remain ignorant of the hacker's identity.

A good example of a reverse social engineering virus is the "My Party" worm. This virus does not rely on sensational subject lines but rather makes use of inoffensive and realistic names for its attachments. By using realistic words, the attacker gains the user's trust, confirms the user's ignorance, and completes the task of information gathering.

Module 02 Page 303

Piggybacking

Piggybacking usually implies entry into a building or security area with the consent of the authorized person. For example, an attacker might request an authorized person to unlock a security door, saying that they have forgotten their ID badge. In the interest of common courtesy, the authorized person will allow the attacker to pass through the door.

Tailgating

Tailgating implies accessing a building or secured area without the consent of the authorized person. It is the act of following an authorized person through a secure entrance, as a polite user would open and hold the door for those following them. An attacker, wearing a fake badge, might attempt to enter the secured area by closely following an authorized person through a door that requires key access. They then try to enter the restricted area while pretending to be an authorized person.

Module 02 Page 304
Hoax Letters, Instant Chat Messenger, and Spam Email

- Hoax Letters: Emails that issue warnings to the user about new viruses, Trojans, or worms that may harm the user's system.
- Instant Chat Messenger: Gathering personal information by chatting with a selected user online to get information such as birth dates and maiden names.
- Spam Email: Irrelevant, unwanted, and unsolicited emails that attempt to collect financial information such as social security numbers, and network information.

Hoax Letters

A hoax is a message warning its recipients of a non-existent computer virus threat. It relies on social engineering to spread its reach. Usually, hoaxes do not cause any physical damage or loss of information, but they cause a loss of productivity and use an organization's valuable network resources.

Instant Chat Messenger

An attacker chats with selected online users via instant chat messengers and tries to gather their personal information, such as date of birth or maiden name. They then use the acquired information to crack users' accounts.

Spam Email

Spam consists of irrelevant, unwanted, and unsolicited emails designed to collect financial information such as social security numbers, and network information. Attackers send spam messages to the target to collect sensitive information, such as bank details. Attackers may also send email attachments with hidden malicious programs such as viruses and trojans. Social engineers try to hide the file extension by giving the attachment a long filename.

Module 02 Page 305
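A defender-side check for the long-filename trick described above, added here as an example that is not part of the course material. The risky and decoy extension lists and the 40-character display width are assumptions, and the sample filenames are constructed.

```python
import re

# Extensions that execute when opened (assumed list for this example).
RISKY_EXTENSIONS = {"exe", "scr", "com", "bat", "cmd", "js", "vbs", "jar", "ps1", "hta", "lnk"}
# Benign-looking extensions an attacker places before the real one (assumed list).
DECOY_EXTENSIONS = {"pdf", "doc", "docx", "xls", "xlsx", "jpg", "png", "txt"}
# Characters of a filename a typical mail client shows before truncating (assumed).
DISPLAY_WIDTH = 40


def true_extension(filename: str) -> str:
    """The extension the OS acts on: text after the last dot, ignoring padding."""
    base = filename.rsplit("/", 1)[-1]
    return base.rsplit(".", 1)[1].strip().lower() if "." in base else ""


def displayed_name(filename: str, width: int = DISPLAY_WIDTH) -> str:
    """Simulate a client that shows only the first `width` characters of the name."""
    return filename if len(filename) <= width else filename[: width - 3] + "..."


def analyze_attachment(filename: str, width: int = DISPLAY_WIDTH) -> dict:
    """Report how an attachment name may be hiding its real extension from the reader."""
    ext = true_extension(filename)
    shown = displayed_name(filename, width)
    # The real extension never appears in what the user actually sees.
    hidden_by_length = bool(ext) and not shown.lower().endswith("." + ext)
    # Run of spaces/underscores between a decoy extension and the real one.
    padded = re.search(r"\.\w{2,4}[ _\-]{5,}\.\w{2,4}$", filename) is not None
    # Decoy extension directly before the real one, e.g. invoice.pdf.exe.
    parts = [p.strip() for p in filename.lower().split(".")]
    double_ext = len(parts) >= 3 and parts[-2] in DECOY_EXTENSIONS
    return {
        "true_extension": ext,
        "displayed": shown,
        "hidden_by_length": hidden_by_length,
        "padded": padded,
        "double_extension": double_ext,
        "suspicious": ext in RISKY_EXTENSIONS and (hidden_by_length or padded or double_ext),
    }


# Constructed samples: a padded long name, a double extension, and two benign files.
SAMPLES = [
    "Annual_tax_refund_statement_HMRC_2024_final.pdf                         .exe",
    "invoice.pdf.exe",
    "holiday_photos.jpg",
    "report.pdf",
]
REPORT = {name: analyze_attachment(name) for name in SAMPLES}
```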
Phishing

- Phishing is the practice of sending an illegitimate email claiming to be from a legitimate site in an attempt to acquire a user's personal or account information.
- Phishing emails or pop-ups redirect users to fake webpages that mimic trustworthy sites, which ask them to submit their personal information.

(The slide shows the screenshot reproduced as Figure 2.53 below.)

Phishing is a technique in which an attacker sends an email or provides a link falsely claiming to be from a legitimate site to acquire a user's personal or account information. The attacker registers a fake domain name, builds a lookalike website, and then mails the fake website's link to users. When a user clicks on the email link, it redirects them to the fake webpage, where they are lured into sharing sensitive details such as their address and credit card information. Some of the reasons behind the success of phishing scams include users' lack of knowledge, being visually deceived, and not paying attention to security indicators. The screenshot below is an example of an illegitimate email that claims to be from a legitimate sender. The email link redirects users to a fake webpage and asks them to submit their personal or financial details.

[Figure 2.53: Screenshot showing the phishing technique. The email, purportedly from HM Revenue & Customs with the subject "Tax Refund Notice", tells the recipient they are eligible to receive a tax refund of $800 and asks them to click "Get Started"; clicking the link directs them to a fraudulent web page that looks similar to a genuine HMRC page (www.hmrc.gov.uk) and asks for their name, date of birth, mother's maiden name, address, and debit/credit card details.]

Module 02 Page 306
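Two of the security indicators the text says users overlook can be checked mechanically: whether a link's real host imitates a protected domain, and whether it matches the domain shown in the link text. The code below is an added example, not from the course material; hmrc.gov.uk is the genuine domain named in Figure 2.53, while the sample email body and the fake domains in it are constructed.

```python
import re
from urllib.parse import urlparse

# Domains to protect against impersonation; hmrc.gov.uk is the genuine site in Figure 2.53.
PROTECTED_DOMAINS = {"hmrc.gov.uk"}

# Constructed sample email body modelled on the figure; both link targets are fake domains.
SAMPLE_HTML = """<p>Please Click <a href="http://hmrc.gov.uk.refund-portal.example/start">Get Started</a>
to have your tax refund sent to your bank account.</p>
<p>Visit <a href="http://www.hrmc-gov.uk/">www.hmrc.gov.uk</a> for details.</p>"""
LINK_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
DOMAIN_TEXT_RE = re.compile(r"^(www\.)?[\w-]+(\.[\w-]+)+$")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; catches typo-squats such as hrmc vs hmrc."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_reason(host: str):
    """Explain why `host` imitates a protected domain, or None if genuine or unrelated."""
    host = host.lower().removeprefix("www.")
    for legit in PROTECTED_DOMAINS:
        if host == legit:
            return None
        if host.startswith(legit + "."):  # real name parked as a subdomain of an attacker domain
            return f"{legit} used as a subdomain of {host[len(legit) + 1:]}"
        if edit_distance(host.replace("-", "."), legit) <= 2:  # hmrc-gov.uk, hrmc.gov.uk, ...
            return f"typo or hyphen variant of {legit}"
    return None


def check_links(html: str) -> list:
    """Flag links whose host imitates a protected domain or differs from the visible text."""
    findings = []
    for href, text in LINK_RE.findall(html):
        host = (urlparse(href).hostname or "").lower()
        visible = re.sub(r"<[^>]+>", "", text).strip().lower()
        # If the anchor text itself looks like a domain, it must match the real destination.
        text_host = visible.removeprefix("www.") if DOMAIN_TEXT_RE.match(visible) else None
        reason = lookalike_reason(host)
        mismatch = text_host is not None and text_host != host.removeprefix("www.")
        findings.append({"href": href, "host": host, "lookalike": reason, "text_mismatch": mismatch,
                         "plain_http": urlparse(href).scheme == "http",
                         "suspicious": bool(reason) or mismatch})
    return findings
```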