Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.
5.2.3. Social Engineering and Malware
Social Engineering Attacks:
| Attack | Description |
|---|---|
| Phishing | Fraudulent emails/messages tricking users into revealing credentials |
| Vishing | Voice phishing (phone calls) |
| Smishing | SMS phishing |
| Spear phishing | Targeted phishing at specific individuals |
| Whaling | Phishing targeting executives |
| Shoulder surfing | Visual observation of credentials/screens |
| Tailgating | Following authorized person through secured door |
| Dumpster diving | Searching trash for sensitive information |
⚠️ Exam Trap: Shoulder surfing is visual observation—watching someone type a password or viewing their screen. It's low-tech social engineering, not a network attack.
Malware Types: Viruses (require host program), worms (self-propagating), ransomware (encrypts data for ransom), trojans (disguised as legitimate), spyware (covert surveillance).
Written byAlvin Varughese
Founder•15 professional certifications