Baiting
Involves the use of enticing offers, promises or deceptive scenarios to lure victims into a trap. The goal is to exploit human psychology and curiosity to make people more susceptible to manipulation
USB drop attack
Bad actors will drop a USB full of malware in the ground and wait for somebody to pick it up and plug it into the system out of curiosity. If it's a tailored attack it will be dropped at the surroundings of the victim.
Fake WiFi Hotspot
Bad actors will create a fraudulent Wi-Fi hotspot, giving away internet access for free without passwords. Data traveling through this hotspot will be captured and the actor also can execute man in the middle attacks, spoofing, altering or injecting malicious content into the communications between the victim and the internet.
Evil Twin Attack
Similar as Fake Wi-Fi hotspot, bad actors will create a free for all hotspot but mimicking a legitimate entity, for example a restaurant. Evil twin term is used because the rogue access point is essentially a duplicate "twin" of the legitimate network. Unsuspecting users will have its internet traffic captured or even manipulated by a man in the middle attack.
QR Code scam
Bad actors will stick posters with QR codes in the proximity of the victim or just at random, with a fake enticing lure. The link of the QR will send victims to a malicious website.
Social Media scam
Refers to any baiting or scam done through social media platforms, the most common place as it offers practically infinite victims from all around the world. The bad actor will use a fake profile from where it will deploy scams while its real persona remains hidden.
Free gift scam
Bad actors will send the victims fake gift emails, notices, cards, etc. Manipulating the victims into believing they won something and that they need to enter its data to retrieve it or just lure them into a malicious link to receive the gift.
Black Hat SEO
Bad actors use Search Engine Optimization (SEO) unethical techniques to place its malicious website at the top of the search engines results to gain victims as people will always trust the first links more. It can also manipulate advertisement placing in systems as for example Google Ads as they will appear first.
Last updated