3.3 Analyze and differentiate among types of social-engineering attacks
Social engineering is a form of attack that exploits human nature and human behavior. Social-engineering attacks take two primary forms: convincing someone to perform an unauthorized operation or convincing them to reveal confidential information. For example, the victim may be fooled into believing that a received email is authoritative (such as an email hoax), a person on the phone is someone to be respected and obeyed (such as someone claiming to be from tech support or a manager offsite), or a person with them is who they claim to be (such as an A/C repair technician). In just about every case, a social-engineering attack tries to convince the victim to perform some activity ...
Get CompTIA Security+™: Review Guide, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.