What is shoulder surfing?
Shoulder surfing is using direct observation techniques, such as looking over someone's shoulder, to get information.
Shoulder surfing is an effective way to get information in crowded places because it's relatively easy to stand next to someone and watch as they fill out a form, enter a PIN at an ATM or pay for something using a credit card. Shoulder surfing can also be done from a long distance with the aid of binoculars or other vision-enhancing devices.
Examples of shoulder surfing
There are several ways shoulder surfers can steal personal data. One example of shoulder surfing is when an employee is talking about confidential business on their phone and a co-worker is sitting right next to them. That co-worker would be able to see their screen and take notes. The shoulder surfer wouldn't be able to do this if the other individual was standing in front of them or sitting behind them, but because the person is sitting down, it's possible for the co-worker to see what they're doing on their phone. Here are a few other examples:
How to prevent shoulder surfing
To prevent shoulder surfing, experts recommend that people shield paperwork or their keypad from view by using their body or cupping their hand.
Here are a few other helpful tips to avoid being victimized by shoulder surfing:
This was last updated in October 2021.
What is the HTTP method that retrieves data by URI?
The GET method is used to retrieve information from the given server using a given URI. Requests using GET should only retrieve data and should have no other effect on the data.
Which tool can be used to gather competitive intelligence from websites?
Name droppers is a tool that can be used to capture Web server information and vulnerabilities in a Web site's pages that could allow exploits such as SQL injection and buffer overflows.
What is the passive process of finding information on a company's network called?
Passive footprinting is the process of gathering information on a target by innocuous, or passive, means. Browsing the target's website, visiting social media profiles of employees, searching for the website on WHOIS, and performing a Google search of the target are all ways of passive footprinting.
Which of the following is a text file generated by a web server and stored on a user's browser?
A "cookie" is a small text file containing information, generated by a web site's server and placed on a user's (visitor's) personal computer or smart device.