Harri levo social engineering
Upcoming SlideShare
Loading in...5

Harri levo social engineering






Total Views
Views on SlideShare
Embed Views



1 Embed 3

https://www.facebook.com 3


Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Harri levo social engineering Harri levo social engineering Presentation Transcript

  • Social Engineering Harri Levo
  • What it is? O Leading the user in social media into wanted direction O Aka. Manipulation of the user O Based on human cognitive decision making O Miss guiding the user O Can be used for commercial use or for hacking
  • Miss usage techniques O Pretexting O Phishing and phone phishing O Baiting O Tailgating O Virus hoax O Confidence tricking O Corner game
  • How it’s done Pretexting O Acquiring information from the user through a lie O A social security number for identification O Similar to ”security questions” Phishing O Main goal to gain capital O Gather data through malwares: O Emails O SMS O Links O Phone calls can be also used through “paid numbers calling to users”
  • Baiting O Leaving a obvious trace O Usb-stick O Cd-rom O For web users the hacker leaves an obvious lead such as a link. O Tempting user to do what the hacker wants Corner game O Changing a deliver of a company into a different place. O Diversion theft O Miss guiding a deliver person O ”old school” yet still used
  • Virus hoax O Miss guiding to think that the user is under a virus attack O Email suggest the user to forward the mail to other users. O Lives through the users good belief Confidence tricking O A combination of other tricks O 6 stages O O O O O O Foundation work Approach Build-up Pay-off The Hurrah In-and-out O Benefitting from the good belief of the user
  • Tailgating O AKA. Piggybacking O Using an authors information to enter the data base O The it-support person in a company has he’s memory stick compromised, infected by a virus. As he starts using the data base the virus will gather key information from the session. Such as, the routes the data goes when the master password is used. O Tailgating is based on the knowledge of the user interface and the platform of the system. O Old windows DOS.
  • How to protect yourself O Be skeptic, if something's too good to be true, it probably is O Don’t connect your computer, laptop, phone with devices you’re not certain with O Be a little bit paranoid in the internet if you don’t know what you’re doing O Common sense is the best defense against the misusage of your information.
  • Sources O http://searchcio.techtarget.com/definition/pretexting O http://www.microsoft.com/security/online-privacy/phishingO O O O O symptoms.aspx http://www.webroot.com/us/en/home/resources/tips/onlineshopping-banking/secure-what-is-social-engineering http://searchsecurity.techtarget.com/definition/virus-hoax http://www.oxforddictionaries.com/definition/english/confide nce-trick http://www.crimes-of-persuasion.com/Victims/victims.htm http://searchsecurity.techtarget.com/tip/Social-engineeringpenetration-testing-Four-effective-techniques