Social Engineering FAQ
What is phishing?
Phishing is a type of cyber attack delivered via email, where attackers send fraudulent messages designed to trick you into taking an action that benefits them, such as installing malware, capturing credentials, or wiring money. These emails often appear legitimate and may seem to come from trusted sources.
What is spear phishing?
Spear phishing is a more targeted form of phishing. Unlike general phishing attacks, spear phishing involves extensive research on the target. The attacker crafts a highly convincing email specifically designed for that individual, increasing the likelihood of success. While more effective, this method requires more time, effort, and skill to execute.
What is vishing?
Vishing, or voice phishing, occurs over the phone. Attackers use a strong pretext and often gather small, seemingly insignificant pieces of information across multiple calls. While each piece of information may seem harmless, when combined, it can be used to carry out a high-impact social engineering attack.
What is smishing?
Smishing involves phishing attacks via SMS or other messaging platforms. The goal is typically to get the recipient to click on a malicious link or call a number, leading to further exploitation. This type of attack leverages the trust people often place in text messages and chat platforms.
Are there other forms of remote social engineering?
Yes, other forms include using popular chat programs like Teams, Slack, or other internal communication platforms. In these scenarios, an attacker who has gained access may attempt to impersonate colleagues to entice employees into clicking malicious links or running harmful programs on their computers.
Learn more about how LRQA can support your Cyber security needs
