Please enable JavaScript.
Coggle requires JavaScript to display documents.
ACCESS ATTACK (PHISHING (type of social-engineering attack that involves…
ACCESS ATTACK
PHISHING
-
to trick others into providing sensitive information, such as credit card numbers or passwords.
The phisher masquerades as a trusted party that has a seemingly legitimate need for the sensitive information
-
e-mails contain hyperlinks that appear to be legitimate but actually cause users to visit a phony site
The site appears to belong to the party that was faked in the e-mail,
-
TRUST EXPLOITATION
-
These network segments often house Domain Name System (DNS), SMTP, and HTTP servers.
-
-
-
MAN-IN-THE-MIDDLE
-
theft of information, hijacking of an ongoing session
traffic analysis to derive information about a network and its users,
denial of service, corruption of transmitted data, and introduction of new information into network sessions.
PHISHING SCAM
-
Google sent a warning yesterday about targeted attacks on Gmail users that use phishing attacks to trick users to login to fake Gmail pages
-
-
PASSWORD ATTACK
-
including brute-force attacks, trojan horse programs, IP spoofing, and packet sniffers.
-
SOCIAL ENGINEERING
-
If an intruder can trick a member of an organization into giving over valuable information, such as locations of files, and servers, and passwords, the process of hacking is made immeasurably easier.
tricking a user into thinking one is an administrator and requesting a password for various purposes.
DICTIONARY ATTACK
All of the words in a dictionary file are computed and compared against the possible users’ password.
-
BRUTE-FORCE ATTACK
This method uses a particular character set, such as A to Z, or A to Z plus 0 to 9,
-
