An Overview of Social Engineering

Social engineering preys on the fact that humans are the weakest link in information security. This article explains the social engineering model, outlines the two categories of social engineering attacks, and discusses techniques for preventing and mitigating social engineering.

3. Social Engineering Attacks

3.12. Other Attacks

There are many other types of attacks that can be summarized as follows:

  • Impersonation on Help Desk attacks: the attacker pretends to be someone with authority or a company employee and calls the help desk to request information or services.
  • Dumpster Diving attacks: consist of gathering sensitive documents from a company’s trash or discarded equipment such as old computer materials, drives, CDs, and DVDs.
  • Quid Pro Quo attacks: baiting attacks offering free services to seduce the victim. They require an exchange of information in return for a service or product.
  • Diversion Theft attacks: consist of misdirecting a transport company to deliver a courier or package to the desired location.
  • Shoulder surfing attacks: consist of watching the victim while they enter passwords or sensitive information.
  • Stealing important documents attacks: consist of stealing files from someone’s desk for personal interests.
  • Online social engineering attacks: the attacker pretends to be the network administrator for a company and asks for usernames and passwords.
  • Pharming attacks: the attacker diverts the traffic of a specific website by redirecting it to a fake website in order to capture the information it carries. This attack works by compromising the domain name system (DNS) server and exploiting its vulnerabilities to change the internet protocol (IP) address associated with the host machine and the server.
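
Because pharming changes the address a name resolves to, a defender can detect it by comparing DNS answers against a pinned baseline and across independent resolvers. The following is an added example, not part of the original article; the host names, resolver labels, baseline networks and observations are all constructed for illustration.

```python
import ipaddress

# Constructed baseline: networks each monitored name is expected to resolve into.
BASELINE = {
    "portal.example.com": ["192.0.2.0/24"],
    "mail.example.com": ["198.51.100.16/28"],
}

# Constructed observations: (resolver label, queried name, A record returned).
OBSERVATIONS = [
    ("internal-dns", "portal.example.com", "192.0.2.10"),
    ("public-dns", "portal.example.com", "192.0.2.10"),
    ("internal-dns", "mail.example.com", "203.0.113.77"),
    ("public-dns", "mail.example.com", "198.51.100.20"),
    ("internal-dns", "unknown.example.com", "192.0.2.99"),
]


def check_answers(observations, baseline):
    """Flag answers outside the baseline and names on which resolvers disagree."""
    findings = []
    seen = {}  # name -> {resolver label: set of addresses returned}
    for resolver, name, addr in observations:
        nets = baseline.get(name)
        if nets is None:
            continue  # name is not monitored, nothing to compare against
        ip = ipaddress.ip_address(addr)
        seen.setdefault(name, {}).setdefault(resolver, set()).add(addr)
        if not any(ip in ipaddress.ip_network(n) for n in nets):
            findings.append(("outside-baseline", name, resolver, addr))
    for name, per_resolver in sorted(seen.items()):
        # Different answer sets from different resolvers suggest one was tampered with.
        if len({frozenset(a) for a in per_resolver.values()}) > 1:
            findings.append(("resolver-disagreement", name, None, None))
    return findings


if __name__ == "__main__":
    for finding in check_answers(OBSERVATIONS, BASELINE):
        print(finding)
```

Names served from content delivery networks change addresses legitimately, so the baseline should list the provider's networks rather than single addresses, and a finding is a prompt for investigation rather than proof of tampering.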