Phishing Frenzy
Ransomware Rampage
Social Engineering Schemes
Exploitation Escapades
Network Nightmares
100

You receive an email claiming to be from your bank, asking you to update your account information. What is this attack called?

What is phishing?

100

A pop-up appears on your screen demanding Bitcoin to decrypt your files. What is this type of malware?

What is ransomware?

100

A person calls pretending to be IT support and asks for your password. What kind of attack is this?

What is a vishing (voice phishing) attack?

100

A vulnerability in an application allows an attacker to execute malicious commands. What is this called?

What is remote code execution?

100

An attacker intercepts communications between two parties without their knowledge. What is this called?

What is a Man-in-the-Middle (MitM) attack?

200

The email includes a link to a fake login page that looks just like your bank’s website. What is the goal of this attack?

What is stealing login credentials or personal information?

200

What is the first thing you should do if you suspect ransomware has infected your system?

What is disconnect the system from the network and alert your IT or security team?

200

Name one psychological tactic attackers use in social engineering.

What is exploiting trust, creating urgency, or using authority?

200

What is the name of the attack where data is injected into a database query to manipulate it?

What is SQL injection?

200

What is a Denial-of-Service (DoS) attack, and how does it work?

What is an attack that overwhelms a system with traffic, making it unavailable to legitimate users?

300

How can you spot a phishing email pretending to be from a trusted organization?

What are signs like spelling errors, suspicious sender addresses, or urgent language?

300

Name one way ransomware can spread through an organization.

What are phishing emails, malicious links, or infected downloads?

300

An attacker leaves a USB drive labeled "Confidential" in a public place, hoping someone will plug it in. What is this technique called?

What is a baiting attack?

300

An attacker tricks a user into downloading malware by embedding malicious code into a legitimate-looking website. What is this called?

What is a drive-by download?

300

Name one way to prevent unauthorized access to your Wi-Fi network.

What is use strong passwords, enable WPA3 encryption, and disable WPS?

400

What happens if you download an attachment from a phishing email?

What is potentially infecting your device with malware or giving attackers access to your files?

400

How can organizations protect themselves against ransomware?

What is maintaining regular backups, keeping software up to date, and using strong endpoint protection?

400

What is tailgating, and how can you prevent it?

What is following someone into a secure area without proper authorization, and you can prevent it by enforcing strict access control policies?

400

What is the risk of using outdated or unpatched software?

What is vulnerabilities can be exploited by attackers, putting systems at risk?

400

Why is public Wi-Fi considered a security risk?

What is attackers can eavesdrop on unencrypted communications or set up fake networks?

500

What should you do if you fall victim to a phishing scam?

What is report it to your IT team or the organization, change your password, and monitor your accounts for suspicious activity?

500

What is the ethical dilemma of paying a ransomware attacker?

What is paying the attacker might encourage more attacks, but refusing to pay could mean losing your data permanently?

500

Name a real-world social engineering attack and its impact.

What is the Twitter hack of 2020, where social engineering was used to access high-profile accounts?

500

How does a buffer overflow attack work, and why is it dangerous?

What is a buffer overflow occurs when too much data is written to a buffer, causing it to overwrite adjacent memory and potentially execute malicious code?

500

What is ARP poisoning, and how can it compromise network security?

What is ARP poisoning involves sending fake ARP messages to a network, allowing an attacker to intercept or redirect traffic?