Cyber Security - Social Engineering

1234567891011
Across
  1. 7. The use of viruses and exploits to redirect victims trying to reach legitimate websites to identical but fake websites in which their data is not secure. (e.g. A fake bank login website that steals bank account and login information).
  2. 8. The act of calling people on the phone, pretending to be from trusted companies in order to gain their private information.
  3. 10. The act of getting into a restricted area by compelling an authorized person to share their credentials. (A security guard may feel compelled to hold a secure door open for a person carrying heavy boxes or an elderly lady).
  4. 11. The act of creating an invented scenario (the pretext) to convince someone to divulge private information, generally by pretending to be an executive or other high-ranking official.
Down
  1. 1. The practice of gaining confidential data (passwords, PINs, etc.) by eavesdropping on the keystrokes inputted on their device. This can be done both digitally (with software that records keystrokes) or physically (looking over someone's shoulder).
  2. 2. Tricking people into getting their personal information without their consent. Can be done using impersonation, or other social engineering practices.
  3. 3. The practice of sending emails pretending to be from trusted companies in order to trick individuals into revealing personal information, such as passwords and credit card numbers.
  4. 4. The practice of requesting private data or login credentials in exchange for a service or money (e.g. offering "free" IT assistance in exchange for login credentials)
  5. 5. The act of closely following an authorized person into a restricted area (e.g. through locked doors) without the person noticing, and gaining access to that location.
  6. 6. The act of texting people through SMS, pretending to be from trusted companies in order to gain their private information.
  7. 9. The act of using a malware-infected object (physical or digital) to pique people's curiosity or greed, and lure them into a trap that steals their personal information when they interact with the object.