An employee finds a USB drive labeled 'Employee Salary Info Q4' in the parking lot. Out of curiosity, they plug it into their work computer to see the contents. What type of social engineering attack is this an example of?
Trap 1: Phishing
Phishing is typically electronic (email, websites). Baiting involves a physical object left to tempt the victim.
Trap 2: Tailgating
Tailgating involves following someone into a secure area. This scenario involves a found USB drive.
Trap 3: Pretexting
Pretexting involves creating a fabricated scenario to obtain information. This scenario uses a physical object, not a story.
- A
Phishing
Why wrong: Phishing is typically electronic (email, websites). Baiting involves a physical object left to tempt the victim.
- B
Tailgating
Why wrong: Tailgating involves following someone into a secure area. This scenario involves a found USB drive.
- C
Baiting
Baiting exploits human curiosity or greed by offering something desirable. The USB drive with a tempting label is a classic baiting technique.
- D
Pretexting
Why wrong: Pretexting involves creating a fabricated scenario to obtain information. This scenario uses a physical object, not a story.