Site icon Cybertek Defense

Social Engineering Attacks

Part 1 – 9: Terms and Definitions for Social Engineering Attacks

TermDefinition
TailgatingGaining access to an unauthorized area by following an authorized user, such as through a locked door
Invoice ScamTricking someone to pay for work that was done which did not occur
Credential HarvestingGathering of credentials from systems

An easy attack that can happen anywhere which a person follows someone else through a locked door is called Tailgating. This is an effective way to gain access to a server room, high security area, or a file room to either cause havoc on the system, create backdoors for the attacker, or steal sensitive information about other people. Sometimes, the victim/authorized user may never know if the attacker is tailgating. With large companies of several thousand employees working at a single location, we may not know one another or who they are. Badges and clothing can help prevent false flags of one another, but sometimes attackers that tailgate may try to blend in to be an “employee” of a company to prevent others from thinking twice about who the person is.

Another easy attack that is very popular these days with social messaging are Invoice Scams. We know that invoices are bills for a particular project or work that has been completed which the user needs to pay for. Invoices entail use of basic information about the user, how much the user needs to pay, and sometimes detailed information about what was done. Attackers will utilize fake invoices which are then sent via email or postage mail to try and trick the victim to pay the attacker for fake work that was done, known as the “scam” portion of this attack. This attack can happen to anyone, but we see this type of an attack more common in businesses where there is larger flow of money than a single user bank account.

Credential Harvesting has moved away from on-prem devices and started to focus more on cloud based systems such as social media websites like Facebook and twitter to company login pages. Credential Harvesting occurs when an attacker is able to “harvest” or obtain large databases of credentials from a single system. These can be through SQL tables, XML markups, or plain text documents.

Exit mobile version