Types of phishing attacks
This type of phishing attack relies on the targets downloading attachments from emails or clicking on fraudulent or bogus links.
What is email phishing?
This type of tool allows threat actors to use artificial intelligence to predict common passwords based on previously breached data before trying all possible combinations of numbers, letters, and special characters.
What is a brute force attack?
This processes involves ensuring you are the intended recipient of the email message after receiving an email or phone call with an attachment you were not expecting from someone you do not normally contact.
Reaching out to the sender in a different form of communication that the original message.
This tennant of IAM refers to threat actors ability to be physically present at a machine or system.
What is physical security?
This threat is involved hackers encrypting data or systems and demand payment to restore access. These attacks can paralyze city operations, including water systems, emergency services, and administrative functions.
What is ransomware?
This type of phishing attack uses oral communication as the primary tool.
What is Vishing? (Voice Phishing)
This type of tool allows threat actors to create realistic copies or fakes of a person's voice, image, or likeness. Threats can create videos of people, or audio recordings using this tool.
What are Deep Fakes?
This processes involves making sure when you get up from your computer no one else can have access to your session, even without you being present.
What is locking your computer?
This is a tool used to ensure that users only receive access to information and resources that they need to do their jobs.
What is the principle of least privilege?
This threat is characterized by cybercriminals using deceptive emails, phone calls, or websites to trick employees into revealing sensitive information (like login credentials or financial information)
What are phishing attacks?
This type of attack works by sending SMS text messages to users with bad, misleading, or fraudulent hyperlinks.
What is SMS phishing?
Through artificial intelligence, attackers are able to have an application comb through social media profiles, organizational directories, and other publicly available information to identify targets for attacks
What is automated phishing?
What is the action we do to ensure room, building, or area is secure when after we leave?
What is locking the door or gate?
This encompasses the creation, maintenance, and eventual deactivation of user identities.
What is lifecycle management?
What are insider threats?
This attack focuses on finding as much information about specific targets as possible using open sources to seem more realistic
What is Spear Phishing?
The application of technology, programs, robotics, or processes to achieve outcomes with minimal human input.
What is automation?
This is a simple and effective way to protect your online accounts from unauthorized access
What is using strong passwords?
This process ensure that critical tasks or sensitive actions are divided among multiple individuals to make it more difficult for any one account to carry out a cyber attack.
What is Segregation of Duties?
This attack is characterized by attacks manipulating or deceiving employees into performing actions that compromise security, such as transferring funds, providing confidential information, or clicking on harmful links.
what is social engineering?
This type of attack focuses on one, or a few key individuals who are either high level employees, or have specific access to the resources the attacker wants.
What is Whaling?
This process relies on AI's ability to generate custom packages that adapt to different systems and evades detection by security software more effectively.
What is automated malware generation?
What is an additional security step that requires both your password and a code sent to your phone?
What is multi-factor authentication?
These types of attacks try to circumvent identity and access management by compromising user identities?
What is Phishing?
What is credential stuffing?