Professional Documents
Culture Documents
Fundamentals,
Fifth Edition
Chapter 2
Malware and Social Engineering Attacks
Objectives
• Describe the differences between a virus and a
worm
• List the types of malware that conceals its
appearance
• Identify different kinds of malware that is designed
for profit
• Describe the types of social engineering
psychological attacks
• Explain physical social engineering attacks
• Rootkits
– Software tools used by an attacker to hide actions or
presence of other types of malicious software
– Hide or remove traces of log-in records, log entries
– May alter or replace operating system files with
modified versions:
• Specifically designed to ignore malicious activity
– Users can no longer trust their computer that
contains a rootkit
• The rootkit is in charge and hides what is occurring on
the computer
• Social engineering:
• Phishing
– Sending an email or displaying a web announcement that
claiming to be from legitimate source
• May contain legitimate logos and wording
– Tries to trick user into giving private information
– The emails and fake websites are difficult to distinguish
from those that are legitimate
• Hoaxes
– False warning or claim
– May be first step in an attack
– often contained in an email message claiming to come from
the IT department.
– The hoax purports that there is a “deadly virus” circulating
through the Internet and that the recipient should erase
specific files or change security configurations, and then
forward the message to other users.
– Attackers may also provide a telephone number for the
victim to call for help, which will put them in direct contact
with the attacker