Name: Diving, Surfing, and Pharming
Uploaded: 2023-03-20T14:40:15Z
Duration: 2 min 24 s
Description: Upon completion of this video, you will be able to describe dumpster diving, shoulder surfing, pharming, and other exploits.

Strong cybersecurity practices are essential to every organization, be it a school, hospital, or company. These videos review common cybersecurity strategies, as well as common threats and how to identify them.

Cybersecurity

Upon completion of this video, you will be able to describe dumpster diving, shoulder surfing, pharming, and other exploits.

Diving, Surfing, and Pharming

In this lesson, we are going to continue our discussion of social engineering techniques, looking at "Tailgating", also referred to as "Piggybacking". "Tailgating" or "Piggybacking" happens when access tokens or badges are being used in a single-factor or multi-factor authentication scheme for physical access to buildings, to certain rooms, to certain floors, for example, on an elevator or certain high security areas like the data center.

Each subject uses their badge or token with the sensor every time they access a building or protected area. So it's often considered a violation of a security policy. For example, the acceptable use policy, "AUP", combined with some enforcement policy, If users do not comply by piggybacking or tailgating on somebody else's access.

For example, two people coming back from lunch or coming back from the restroom, one flashes their token and the other just follows them through without using their factor. All access must be audited and visible. Something else to consider as far as social engineering goes is "Dumpster Diving".

"Dumpster Diving" is an attack where the goal is to reclaim important information by searching through trash containers and dumpsters. They can find "Credit card information", "Invoices and receipts", other manifests. They can discover the internal "IP addressing" structure. They can find "Organizational charts". They can obtain the "Names of key employees" or executive management. They can find Manuals and charts" or intellectual property on "Memos and sticky notes".

It's very important from a physical security standpoint that your dumpsters and trash containers be fenced in using locking mechanisms and also have good lighting and good monitoring, for example, with cameras. There's also "Shoulder Surfing". This is an attack where the goal is to look over the shoulder of an individual as he or she enters a password or a PIN or any sensitive information. This is much easier to do today because we have so many camera-equipped mobile devices, phones and pads and other IOT internet of things, devices.

Now, don't forget, if somebody is across the street, they can use binoculars and telescopes in a nearby building to see screens and keyboards. Another term to know for the exam is "Watering Hole". This is a type of social engineering attack basically where you leverage a compromised web server in order to target groups or associations in social networks. It's called a "Watering Hole" because only members of the association are attacked while other traffic is untouched.

Watering holes can be difficult to identify using traffic analysis since most traffic from the infected site can be benign. In general, all social networking sites can be a target of a reconnaissance attack and social engineering.

Join us for an assortment of livestreams where we cover topics such as interview prep, introductions to programming languages, project walkthroughs  — and so much more!

All Livestreams

There is a lot of excitement around AI, but what is it and how could it be relevant to your career? Watch these videos to learn the basics of AI and Machine Learning.

Artificial Intelligence

Augmented reality is alive and well. Learn how to make your first AR experience using the popular web framework A-Frame — with guidance from our Curriculum Developers.

Augmented Reality

Learn how to build a Web Dev Portfolio with Codecademy.

Building a Web Dev Portfolio

No matter what your coding goals are, the best place to start is by building a strong foundation. In this live series, we learn Computer Science fundamentals that are similar to content you’d see in a first-semester CS101 college course.

CS101

Cloud computing and its related services have unlocked seemingly endless possibilities for organizations with an online presence. These videos give an overview of what cloud computing is and what business considerations are made when adopting cloud tools.

Cloud Computing

Welcome to the Community Club & Study Group Events playlist, which are hosted by our incredible Club Captains. This collection features a series of engaging and informative events hosted by our dedicated Club Captains from around the globe. Whether you're interested in Web Development, Python programming, or simply want to connect with tech enthusiasts from different cities, this playlist has something for everyone.

Explore sessions from vibrant cities like Seoul and New York City, where our Club Captains share their expertise and insights on a variety of topics. Each event is designed to help you expand your knowledge, enhance your skills, and connect with a community of like-minded individuals.

Join us as we dive into the world of technology, learn from industry experts, and get inspired by the innovative projects and discussions led by our passionate Club Captains. Don't forget to subscribe and hit the notification bell to stay updated on the latest events and content!

Happy learning and coding!

Community Club & Study Group Events

A playlist of Quick Tip videos for Codecademy Chapter Leaders.

Community: Chapter Leader Quick Tips

Join our Chapters for live conversations on various topics — including NFT art and how to break into a technical field.

Community: Chapters

We think that connecting with other learners is the best way to learn. Explore some of our past community-led events here!

Community: Events

Hackathons are a great way to test your knowledge and flex your skills. Check out our hackathon presentations here.

Community: Hackathon

Explore the world of creative coding with p5.js, an open-source JavaScript library. We'll create drawings, animations, and video sculptures in this beginner-friendly series.

Creative Coding with p5.js

Companies can collect vast amounts of data and struggle to properly use it. Data Analytics is used to interpret and communicate relevant patterns of data for a business. These videos explore how companies utilize data analytics, and current popular tools.

Data Analytics

Data Science is used in a variety of ways to help businesses make decisions. In these videos we explore data science best practices, considerations for what tools to use, and the basics of machine learning.

Data Science

How data is presented can be as important as how it is collected. These videos explore foundational strategies and best practices to ensure that your data visualizations are meaningful and accurate.

Data Visualization

There are a lot of terms and acronyms in the world of programming. Explore the definitions of common terms used in popular languages and frameworks.

Definitions

DevOps is a series of practices that fosters a culture of collaboration between the Development and Operations team in software development. This playlist explores the benefits of DevOps, and how it is practiced in organizations.

DevOps

An understanding of Github and Git commands is essential for anyone looking to work in a collaborative software development space. These videos explore the features of Git, as well as branching and merging, two of the most important skills for collaborating on Github.

Developer Tools

HTML and CSS lie at the heart of web development. We explore some of their uses with these tutorials and explainers.

HTML & CSS

Preparing for a career in a technical field? Check out these interview tips — including advice on building a portfolio and showcasing your skills.

Interview Prep

Emojicode is a real programming language with a playful emoji syntax in place of traditional programming keywords. Learning it can bring some smiles and fun to your programming journey. Join us for an introduction to this silly language.

Intro to Emojicode

TypeScript builds on your JavaScript foundation so you can develop higher-quality, less error-prone code faster. Learn more about this in-demand language as Codecademy Curriculum Developers guide us through an introduction.

Intro to TypeScript

JavaScript has many functionalities, from web development to gaming applications. We break down the programming language and explain how it works with these tutorials.

JavaScript

From Product Manager to Data Scientist, we take a look at different careers in tech and what these roles entail.

Jobs in Coding

Experience a full day of learning to code with interactive instruction and guided discussions by the Curriculum team at Codecademy.

Learn From Home Day

See how people around the world are reshaping their lives by learning to code.

Learner Stories

Linear regression is a fundamental machine learning algorithm used for predictive modeling and data analysis. Learn more about it as Codecademy Curriculum Developers guide you through our course: Linear Regression in Python

Linear Regression with Python

Machine learning is one of the fastest expanding fields in tech, with applications in all parts of life. Watch these videos to learn the basics of Machine Learning.

Machine Learning

Almost everything we do creates data, and knowing how to investigate and communicate it is key. Our Curriculum Developers show us how to summarize data and run hypothesis tests following our Skill Path: Master Statistics with Python.

Master Stats with Python

Mobile development is a massive field with a variety of unique tools. These videos explore two essential tools for mobile developers, the Android operating system and Flutter software development kit.

Mobile Development

Official Codecademy Events

Whether you’re solving for skill gaps, building a more innovative and resourceful team, or aiming to onboard quickly, Codecademy Teams helps your whole company build the right tech and professional skills to quickly adapt to industry shifts and meet changing business needs.

Product Demos

Since its release in 1994, Python stands tall as many developers’ favorite programming language. Explore its many capabilities with these livestreams and tutorials.

Python

The R language is a popular tool for Data Analysts. Learn more about this free, open-source programming language with these livestreams.

We asked recruiters in our community to share advice for people navigating the job-hunting process — from tips for optimizing your resume to advice on acing the technical interview.

Recruiter Advice

We show you how to get started on your coding projects — from setting up developer tools to pushing your code to GitHub.

Setting Up

Just starting out on your coding journey? We’ve gathered tips for helping you start — including advice on how to choose your first programming language and how to remember everything you’re learning.

Tips

Our Curriculum Developers will lead you on a journey as you go from complete beginner to proficiency with data visualization, using Python. This is a weekly series that will lead you through our entire Visualize Data with Python Skill Path.

Visualize Data with Python

Web Design includes any skills used to create and maintain a website. These videos explore the foundational web design skills of adding styling to a website with CSS and HTML, as well as best practices in responsive web design.

Web Design

Join the millions learning to code with Codecademy.

Welcome to Codecademy

You know all of those app ideas you’ve been wanting to create? Swift and SwiftUI can help you bring them to life for iOS. Learn how to build your very own iPhone app from start to finish in this live series.

Diving, Surfing, and Pharming

More videos

Learn more on Codecademy

Introduction to Cybersecurity

Cybersecurity for Business

Resources

Support

Resources

Support

Plans

Community

Subjects

Languages

Career building

Mobile

Mobile