The Art of Shoulder Surfing: A Social Engineering Attack

What social engineering attack is Pete executing when he watches Sara enter her username and password?

A. Impersonation

B. Tailgating

C. Piggybacking

D. Shoulder surfing

Answer:

Pete, who is watching Sara typing in her username and password, is executing a social engineering attack known as 'Shoulder Surfing'.

In the scenario described, Pete is executing a type of social engineering attack known as Shoulder Surfing. This type of attack involves someone looking over a person's shoulder to gather personal and sensitive information like usernames and passwords without their knowledge or consent.

The other options provided, Impersonation, Tailgating, and Piggybacking, are also types of social engineering attacks but they do not fit the situation presented. Impersonation involves pretending to be another person, Tailgating involves unauthorized entry by following someone else, and Piggybacking involves unauthorized access by using someone else's established connection.

Shoulder Surfing is a sneaky way for attackers to gather information that can lead to further security breaches. It is important for individuals to be vigilant and protect their sensitive information from prying eyes, whether in physical or digital environments.

By staying aware and implementing best practices for security, such as using privacy screens on devices and being cautious of who is nearby when entering sensitive information, individuals can help prevent shoulder surfing attacks and safeguard their personal data.