Terminology

Attack Types and Differences¶

Phishing vs Vishing vs Whaling vs Smishing¶

Vishing -> voice phising
Whaling -> phising high-profile
Smishing -> SMS phising

Spam & Spim¶

spim -> spam over instant messaging

Shoulder surfing¶

Dumpster diving¶

Tailgating¶

Shoulder surfing¶

source: https://octopus-office.co.uk/shoulder-surfing-how-to-avoid-it/

Zero Day¶

Reconnaissance¶

Impersonation¶

Watering hole attack¶

target -> website X

attacker -> website X (accessed by target)

Drive by attack¶

exploit user web browser or its plugins

Typo Squatting¶

bca.com -> bc4.com

Bruteforce & Password spraying¶

Bruteforce

user1 -> password1, password2, password3, ...

Pspraying

password -> user1, user2, user3, ...

Term¶

Antivirus¶

Antimalware¶

Malware can include various types of threats, such as viruses, worms, Trojans, spyware, adware, and ransomware.

EDR¶

Endpoint Detection and Response (EDR), computer, laptop, phone, IoT, etc that connected to network.

Monitoring
Detection
Investigation
Remediation

DLP¶

Data Loss Prevention

Terminology

Attack Types and Differences¶

Phishing vs Vishing vs Whaling vs Smishing¶

Spam & Spim¶

Shoulder surfing¶

Dumpster diving¶

Tailgating¶

Shoulder surfing¶

Zero Day¶

Social Engineering¶

Reconnaissance¶

Impersonation¶

Watering hole attack¶

Drive by attack¶

Typo Squatting¶

Bruteforce & Password spraying¶

Term¶

Antivirus¶

Antimalware¶

EDR¶

DLP¶