Pretexting is a sibling of phishing and like siblings both have differences as well as similarities. Phishing emails use fear and urgency to drive users to take actions that compromise their system. Pretexting is much more positive – it centers around the hacker building a false sense of trust with the victim. The most prevalent […]
Definition of the Day: Watering Hole AttacksWatering hole attacks were in the news earlier this year (2015) after a Chinese cyber espionage group successfully compromised several major US financial services and defense industry companies. The attack sprang from malicious code injected into www.forbes.com’s ‘Thought of the Day’ widget, which is a flash pop-up users see upon visiting the Forbes.com home page. […]
Definition of the Day: Quid Pro Quo AttackQuid pro quo is Latin for, ‘something for something.’ In the realm of cyber crime, a quid pro quo attack occurs when the hacker offers a service or benefit in exchange for information or access. This technique is a derivation of baiting and differs in that instead of baiting a target with the promise of […]
Definition of the Day: Bait and Switch HackingBait and switch hacking is a technique on the rise due to the explosion of internet-based content marketing. A bait and switch attack occurs when victims are told they are downloading or running a piece of safe and legitimate content or advertising which is then switched (usually by way of a redirect) to something malicious. […]
Definition of the Day: Whaling AttacksIf a phishing attack casts a wide net to employees at all levels of an organization it follows that a whaling attack focuses on reeling in the big fish. In this case the ‘whale’ is a higher-level executive within the company. The goal is network access, and, ideally, access to C-suite executive information. Here the […]
Definition of the Day: Spear PhishingWhen hackers target small and medium-sized businesses they are increasingly doing so in a more targeted way. Whereas phishing attacks cast a wide net hitting many potential targets, spear phishing gets more to the point. So, what is spear phishing? Spear phishing is an email scam that targets a smaller group or organization in a […]
Definition of the Day: PhishingA hacker has to gain access to your machine to steal your usernames and passwords. Once done, said hacker can then access your financial accounts, drain them and wire that money to a bank in a country where you will not be able to get it back. He does this by hijacking your machine and […]
