Email-based attacks

 EMAIL ATTACKS

Phishing

• Email based

• Prevented by DMARC

Spear phishing

• Email based

• Multiple people in the same department/company

• Prevented by DMARC

Whaling

• Email based

• C-Level (CEO, CFO, etc) Board of Directors

• Specific to the person it targets

 WHOIS COMMAND

Whois

·         Too much information

·         The correct amount of information

SQL Injection Attack

 SQLi

SQLi (SQL Injection)

·         Server-side attack

·         A query formatted: ‘ or ‘1’=’1’ -- is a SQL injection attack.

·         SELECT * FROM

·         Prevented by

o   Input validation

o   Removing semi colons, dashes, quotations, & commas

o   Stored procedures