Social Engineering

Across
  2. A regulation in EU law on data protection and privacy in the EU and the European Economic Area.
  4. This is the capture of confidential data by observation of a target, while passwords or PIN numbers are being input into a computing device, such as a tablet, ATM machine or door entry system.
  6. A collection of techniques that use human vulnerabilities to manipulate people into performing actions or divulging sensitive information.
  7. A way for a user to authenticate by using two or more separate forms of identification.
  10. A phishing attack targeted at a specific person or group.
  11. An algorithm on a computer system that bypasses security controls.
  12. The creation of a website domain that is made to look like a bona fide website.
  14. The act of following someone into a secured area, usually by exploiting someone’s courtesy of “holding the door”.
  16. Unsolicited emails that are sent out in bulk.
  17. A string of characters that allows access to a computer system or service.
  18. Occurs when the login credentials for webmail, domain access, VPN access, etc. are collected via a compromised web browser, application, malware or DNS server.
Down
  1. A social engineering scam in which confidential information (such as credit card information) is extracted from a target over the telephone for financial gain.
  3. A social engineering technique in which the attacker masquerades as a legitimate website or communication in order to acquire sensitive information, such as passwords or credit card information.
  5. Process whereby the attacker examines the contents of waste bins, skips or recycling bins for the purpose of obtaining confidential information, such as invoices, email printouts or company memos.
  8. Malware that attempts to extort money from a user or organisation by taking control of the victim’s machine, files or documents.
  9. Used to send information from your computer to a third party without your consent.
  11. A form of social engineering in which an attacker lures a victim with a false promise that appeals to greed or curiosity, such as a USB attack.
  13. Any event where confidential data is viewed, transmitted, stolen or used by an unauthorised individual.
  15. An umbrella term used to describe any malicious software.