šµļøSpot the Threat
Explain what vishing is as if you were warning a colleague who doesnāt know much about cybersecurity.
Vishing is when scammers call pretending to be a trusted source like your bank or HR to get personal info. For example, someone might say your account has suspicious activity and ask for your PIN. Never give sensitive data over the phone.
Walk us through how a DDoS attack actually brings a website down.
Attackers use a network of infected devices (botnets) to flood a server with traffic. The server gets overwhelmed, slows down, or crashes, making the site unavailable to real users.
Your coworker gets a text asking to āverify their bank account.ā What would you advise them to do?
Iād tell them not to click or reply, and to contact the bank directly using an official number. Legitimate institutions never ask for info by text.
Whatās one simple daily habit that reduces your risk of cyberattacks?
Always verify links before clicking, use strong passwords, and avoid connecting to unsecured Wi-Fi.
How does a virus differ from a Trojan?
A virus attaches to legitimate files and spreads when those files are opened. A Trojan disguises itself as legitimate software to trick users into installing it
How would you explain a data breach to a non-technical friend?
Itās when someone gets unauthorized access to private data ā like emails, credit card numbers, or passwords. Itās like a thief breaking into a digital vault and stealing sensitive info.
Why are insider threats often harder to detect than external attacks?
Insiders already have access, so their actions donāt always raise alarms. It can be intentional or accidental, but it often blends in with normal activity.
You see unusual traffic on your companyās network. Whatās your first step?
First, alert the security or IT team, isolate affected systems if needed, and start investigating logs to identify the source.
Explain why 2FA is more effective than passwords alone.
Even if someone steals your password, they canāt log in without the second factor, like a code or authentication app.
Explain how spyware could be used to steal sensitive data from a developerās laptop.
Spyware runs silently in the background, recording keystrokes, passwords, and activity. It can steal credentials, code, or project data.
Smishing is less known than phishing. Why do you think it can be more dangerous?
People usually trust text messages more than emails. Phones donāt have spam filters like email, so users are more likely to click on malicious links
Describe how a hacker could use phishing to steal login credentials.
They send a fake email pretending to be a trusted source. The email has a link to a fake login page. Once the victim enters their credentials, the hacker captures them.
A ransomware message appears on your screen. What immediate actions should your team take?
Disconnect from the network, alert IT/security, donāt pay the ransom, and start incident response protocols to contain and restore from backups.
Propose three security measures your company could implement to reduce phishing risks.
1. Regular security training, 2. Email filtering tools, 3. Multi-factor authentication. These lower the chances of successful attacks.
How do botnets amplify the impact of cyberattacks?
Because it can contain hidden malware, collect user behavior, or redirect to malicious sites. Itās a doorway to bigger attacks.
Give one real-life example (personal or hypothetical) of a whaling attack.
Letās say the CEO receives an email that looks like itās from the companyās lawyer asking to approve a confidential payment. Itās personalized and urgent ā designed to trick high-level executives.
What makes a man-in-the-middle attack so dangerous?
Because the victim doesnāt notice anything unusual ā the attacker secretly intercepts and alters communication between two parties in real time.
If your team fell for a phishing scam, what could be the short-term and long-term consequences?
Short-term: stolen data or downtime. Long-term: financial loss, damaged reputation, legal issues, and loss of client trust.
If you could implement one cultural shift in your team to strengthen cybersecurity, what would it be and why?
āIād build a āreport first, blame neverā culture. If people feel safe reporting suspicious activity fast, we can respond quicker and minimize damage.ā
Imagine youāre explaining ransomware to your companyās leadership team. How would you make them understand the severity and impact?
Iād explain that ransomware can lock all company data, disrupt operations for days or weeks, and cost millions. Prevention and backups are essential because recovery isnāt guaranteed.
If your CEO receives a phishing email, what red flags should they notice?
Look for suspicious sender addresses, spelling errors, urgency, requests for personal data, or links that donāt match official domains. Always verify before clicking.
Explain why SQL injection remains a common vulnerability ā and what could be done to prevent it.
Many systems donāt properly validate user input. Hackers inject malicious SQL commands to access or manipulate data. Using parameterized queries and input validation can prevent it.