CompTIA Security+ (601) - 1.0 Attacks, Threats, and Vulnerabilities
Phishing - correct answer Phishing attacks are carried out by emailing someone, requesting that they complete the attached form, perhaps because there is a problem with their bank account.
Smishing or SMS Phishing - correct answer This attack is basically phishing but uses SMS text messages. They will ask you either to visit a website or call a phone number that turns out to be a premium-rate call.
Vishing - correct answer A vishing attack involves the use of a VoIP phone, another telephone, a modem, or someone leaving a voicemail to try and extort information.
SPIM - correct answer Spam over Instant Messaging (SPIM): this is sending spam messages via instant messaging or SMS.
Spam - correct answer Use of messaging systems to send an unsolicited message to large numbers of recipients for the purpose of commercial advertising, for the purpose of non-commercial proselytizing, or for any prohibited purpose.
Spear phishing - correct answer A phishing attack that targets a group of people
Dumpster diving - correct answer The act of digging through trash receptacles to find information that can be useful in an attack.
Shoulder surfing - correct answer Gaining compromising information through observation (as in looking over someone's shoulder).
Pharming - correct answer An online scam that attacks the browser's address bar or the DNS server. Users type in what they think is a valid website address and are unknowingly redirected to an illegitimate site that steals their personal information.
Tailgating - correct answer When an unauthorized individual enters a restricted-access building by following an authorized user.
Whaling - correct answer A phishing attack that targets only wealthy individuals.
Prepending - correct answer A form of typosquatting: adding a letter at the beginning of a URL. EX: https://pprofesormesser.com
Identity fraud - correct answer Your personal information is used to make purchases, withdraw cash, or set up new accounts without your approval.
Invoice scams - correct answer This is where criminals obtain details of genuine invoices and they submit them for payment but change the bank details. When the finance team look at invoices, they look at purchase orders and invoice details as well as the product, but seldom look at the bank details of the person being paid.
Credential harvesting - correct answer This is an attack that is normally done using a phishing attack, where it states that some details on your account are incorrect and it gives you a hyperlink to resolve the situation. When you click on the link, it gives you a fake web page to log in to. That way, your account details can be collected.
Hoax - correct answer An act intended to trick or deceive; a fraud. EX: Another example of a hoax would be purchasing fake anti-virus software that does not work.
Reconnaissance - correct answer Exploration to gain knowledge or information to help make an impersonation attack look more real.
Impersonation - correct answer An act of pretending to be another person for the purpose of fraud, typically pretending to be someone high in rank.
Watering hole attack - correct answer A malicious attack that is directed toward a small group of specific individuals who visit the same third-party website, i.e., attackers identify a website that people in a particular industry are likely to visit and then infect it.
Typosquatting/URL hijacking - correct answer Websites with names similar to real websites; users making typographical errors are sent to a site filled with malware.
Pretexting - correct answer A form of social engineering in which one individual lies to obtain confidential data about another individual. Actor + Story.
Influence campaigns - correct answer These campaigns are a social engineering attack to influence people from countries all over the world. There are two main types: social media and hybrid warfare.
Influence campaigns - Hybrid warfare - correct answer Normally carried out by state actors to influence the balance of power in a country by using military, political, economic, or civil means, and conceivably running a campaign to spread disinformation.
Influence campaigns - Social media - correct answer All over the world, social media has been used to influence voters in forthcoming elections. Facebook and Twitter have been used extensively in many election campaigns.
Eliciting information - correct answer Requesting knowledge you need, typically done through vishing. TIP: Eliciting information is where the attacker makes a statement in the hope that you will correct them and provide them with accurate information.
Principles, Intimidation (social engineering) - correct answer An example of intimidation is someone pretending to be someone of high authority, for example, a policeman. They then threaten an individual, telling them that they will be in trouble if they don't do as they are told. This is effective because victims of this kind of attack are made to believe that they have no other choice but to do as they are asked.
Principles, Authority (social engineering) - correct answer An email may be sent out by someone of a higher authority, such as the CEO or HR manager, ordering you to complete a form that can be accessed by clicking on a link. TIP: An email from your CEO, a high-level executive, or the HR manager telling you to fill in a form or click on a link is an authority attack.
Principles, Consensus (social engineering) - correct answer People like to be accepted by their peers and co-workers. An attacker might ask for some information and state that they obtained it last week from a co-worker and just need an update on it.
Principles, Scarcity (social engineering) - correct answer An example of this kind of attack is trying to panic you into making a snap decision. An example is where you want to rent a hotel room for a weekend away; you and 10 friends pick a hotel and go onto the website and it says "Only one room left!" in red.
Principles, Familiarity and Trust (social engineering) - correct answer Trust: In preparation for these attacks, hackers make themselves familiar to their victims; they come around a lot, bringing with them boxes of chocolates, and eventually they become trusted. At that point, they can begin working their way inside a company, for example, gaining access to areas of the company that they should not be able to access. This is effective as they become part of the furniture and nobody questions their actions.
Principles, Urgency (social engineering) - correct answer An example of an urgency attack is someone arriving at a reception desk and demanding access quickly. They could target a new receptionist, who may get flustered and let them in.
Ransomware - correct answer Ransomware involves the attacker encrypting the files on a user's computer and then displaying a link asking for money to release the files.
Trojans - correct answer Programs that look useful but actually cause damage to your computer. Trojans are known for being embedded in programs that you download. They try to exploit system32.exe and then run a DLL file to attack the operating system kernel, which is the management part of the operating system. The Trojan will try to find password information and set up an SMTP engine that uses a random port to send those details to the attacker.
Worms - correct answer A worm is a program that replicates itself to spread to other computers, exploiting security weaknesses. Common ports for worms are 1098, 4444, and those in the 5000 range.