MidTermCyber

Phishing and Social Engineering Not to be confused with fishing, phishing is a cyber-attack. As CompTIA puts it: “You don’t need a pole, but it does involve reeling in unsuspecting victims”. This attack has many different methods of communication and can be used to seek out a plethora of personal data from an unsuspecting user. Phishing attacks can be received via a phone call, text message, or an E-mail (we will focus on E-mail in this article). Some sensitive information the attackers might be after may include passwords, bank accounts, or social security numbers. In some cases, the attacker might just have you buy several gift cards from Taco Bell to congratulate the accomplices for a job well done. (Source: https://www.comptia.org/content/articles/what-is-phishing ) So how do the attackers convince users to give up private data — by asking nicely? Not necessarily. These attackers employ social engineering techniques to convince you that giving up this piece of informat...