Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical information to Johnson’s machine. What is the social engineering technique Steve employed in the above scenario?

Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical information to Johnson’s machine. What is the social engineering technique Steve employed in the above scenario?

Option 1 : Elicitation

Option 2 : Diversion theft

Option 3 : Phishing

Option 4 : Quid pro quo

1. Elicitation

Elicitation may be a lively effort to extract project-related information from all relevant stakeholders. the target is to obviously define the business or project objectives. Requirements elicitation uses various analytics and techniques that leave complete, concise and clear requirements to be gathered. A Standish Group report lists “incomplete requirements” because the leading explanation for software project failure and divulges that poor requirements account for 50% of project failures. Poor requirements are a results of sub-standard elicitation which can also cause scope creep, budget overrun and inadequate process redesign.

Elicitation is vital as many stakeholders are unable to accurately articulate the business problem. Therefore, analysts performing the elicitation got to make sure that the wants produced are clearly understandable, useful and relevant. A well defined problem and clear requirements will go an extended thanks to creating the right solution that adds value to the business.

2. Diversion theft

Diversion theft started as an “offline” attack where the mal-actor tricks a courier into learning or dropping off a package from the incorrect location and hence either facilitating the delivery of their false package or accessing the important package. It’s also referred to as the “Corner game” or “Round the corner game” and has its origins within the East End of London, way before the web was even thought of.

A lorry driver would be met and told that the products he’s carrying are needed round the corner from the important drop off point. the products are then easily accessible by the crooks and may be stolen or substituted.

A mal-actor can now use technology to divert the delivery, by intercepting and altering the delivery schedule. Diversion theft is additionally getting used online to trick the victim into sending information to the incorrect location. Often this is often done by using spear phishing, whaling, vishing or pretexting attacks.

3. Phishing

Phishing may be a cybercrime during which a target or targets are contact by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data like personally identifiable information, banking and mastercard details, and passwords.

The information is then wont to access important accounts and may end in fraud and loss .

The first phishing lawsuit was filed in 2004 against a Californian teenager who created the imitation of the web site “America Online”. With this fake website, he was ready to gain sensitive information from users and access the mastercard details to withdraw money from their accounts. aside from email and website phishing, there’s also ‘vishing’ (voice phishing), ‘smishing’ (SMS Phishing) and a number of other other phishing techniques cybercriminals are constantly arising with.

4. Quid pro quo

A quid pro quo attack (aka “something for something” attack) could also be a variant of baiting. instead of baiting a target with the promise of an honest , a quid pro quo attack promises a service or a benefit supported the execution of a specific action.

In business and legal contexts, quid pro quo conveys that an honest or service has been exchanged for something of equal value. it’s been utilized in politics to explain an unethical practice of “I’ll do something for you, if you are doing something on behalf of me ,” but are allowable if bribery or malfeasance doesn’t occur through it.

Understanding Quid Pro Quo

The key to a quid pro quo business agreement may be a consideration, which can take the shape of an honest , service, money, or, financial instrument. Such considerations are attached to a accept which something is provided and something of equal value is hence returned in exchange. Without such considerations, a court may find a contact to be invalid or nonbinding. Additionally, if the agreement appears to be unfair or overly one-sided, the courts may rule that the contract is null and void. a person , business, or other transacting entity should know what’s expected of both parties to enter into a contact.

Learn CEH & Think like hacker

---

• What is Ethical Hacking? & Types of Hacking
• 5 Phases of Hacking
• 8 Most Common Types of Hacker Motivations
• What are different types of attacks on a system
• Scope and Limitations of Ethical Hacking
• TEN Different Types Of Hackers
• What is the Foot-printing?
• Top 12 steps for Footprinting Penetration Testing
• Different types of tools with Email Footprinting
• What is “Anonymizer” & Types of Anonymizers
• Top DNS Interrogation Tools
• What is SNMP Enumeration?
• Top vulnerability scanning tools
• Information Security of Threat
• Footprinting tools:
• What is Enumeration?
• Network Security Controls
• What is Identity and Access Management?
• OWASP high TEN web application security risks
• Password Attacks
• Defend Against Key loggers
• Defend Against Spyware
• Covering Tracks
• Covering Track on Networks
• Everything You Need To Know About Sniffing – Part 1
• Everything You Need To Know About Sniffing – Part 2
• Learn more about GPS Spyware & Apparatuses
• Introduction of USB Spyware and It’s types
• 10 Types of Identity Theft You Should Know About
• Concepts of Denial-of-Service Attack & Distributed Denial of Service Attack
• Most Effective Ways to Overcome Impersonation on the Social Networking Site’s Problem
• How Dynamic Host Configuration Protocol (DHCP) Works
• DHCP Request/Reply Messages
• DHCP Starvation Attack
• Rogue DHCP Server Attack
• IOS Switch Commands
• Web-Server Concept
• Web-Server Attacks
• Web-Server Attack Tools
• Web-Server Security Tools
• 6 Quick Methodology For Web Server Attack
• Learn Skills From Web Server Foot Printing / Banner Grabbing
• The 10 Secrets You Will Never Know About Cyber Security And Its Important?
• Ways To Learn Finding Default Content Of Web Server Effectively
• How will Social Engineering be in the Future
• Understand The Background Of Top 9 Challenges IT Leaders Will Face In 2020 Now
• Learning Good Ways To Protect Yourself From Identity Theft
• Anti-phishing Tools Guide

---

This Blog Article is posted by

Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092

Contact us – www.info-savvy.com

https://g.co/kgs/ttqPpZ