Phishing
Phishing is fraudulent or fake_________?
Emails
Who would be a target of impersonation?
Employees within organizations
IT admins
customers (YOU)
financial departments
Name an example of information phishing scams can get from you.
login credentials
credit card details
social security numbers
multi-factor authentication codes
What is the goal of impersonation?
What is the first step in how phishing works?
You receive a message that looks legitimate
Name at least one example of the common objectives of impersonation.
Gaining unauthorized access to systems or accounts
stealing sensitive information
transferring funds fraudulently
installing malware
Name the 3 rules to avoid phishing attacks and scams?
1. Stop and think before clicking any links or attachments
2. If something looks "phishy" verify with the sender
3. When in doubt, throw it out
Impersonation is effective because it often bypasses _______ and appears to be a _____________ user.
security
legitimate
What is the multi-factor authentication breakdown?
CLUE: something you....
1. something you know
2. something you have
3. something you are
What are the 4 steps of how impersonation works?
***Bonus if can provide the definition for each
Step 1: Reconnaissance
Step 2: Identity theft (spoofing)
Step 3: Establishing trust
Step 4: Exploitation