Attack Methods
This type of attack tries to steal your credentials to access you account.
What is credential harvesting?
A person wanting information off your computer might do this without you noticing.
What is shoulder surfing?
You receive an email from your supervisor's supervisor asking you to go buy gift cards to send to them. You should...
What is confirm the request by calling them?
2FA
What is two factor authentication?
____ is the most common vector for malware.
What is email?
This type of attack targets multiple people at random, or within one organization.
What is phishing?
A person wanting to gathering information from an employee directly might call them and employ these tactics.
What is social engineering?
This type of threat actor can be very hard to discover, and is usually a disgruntled employee.
What is an insider threat?
MFA
What is multi-factor authentication?
___ of organization have reported email security incidents.
What is 94%?
This type of attack targets important figures within a company, such as managers, team leads, or developers.
What is spear phishing?
A person might call an employee and pretend to be a recorded or automated message, and record them saying specific phrases in this type of attack.
What is vishing?
You notice files you've worked on are disappearing from the file share. You should...
What is report the files to IT immediately?
DRP
What is Disaster Recovery Plan?
There were ____ cyberattacks in 2023 (according to Forbes).
What is 2365?
This type of attack targets the highest level of personnel in a company.
What is whaling?
A person might send an employee a normal-looking file, such as a PDF or Word document, but it actually contains this type of program.
What is a trojan?
Every day, there seems to be more and more spam coming into your inbox. You should...
What is report the email as spam, and inform IT?
BCP
What is Business Continuity Plan?
A data breach costs ___ on average.
What is $4.45 million?
This piece of digital information contains your email address, password, and even 2FA token, and is what any hacker wants to get.
What is session cookie?
A hacker will always try to leave this exploit behind, even if they get kicked off your network.
What is a back door?
You have to reset your password again, and know there is a company password policy. You should
What is choose a strong password that's hard to guess and doesn't contain any company information?
PSSAT
What is phishing simulation and security awareness training?
Business email compromise accounted for ________ in losses in 2022.
What is $2.7 billion?