Social Engineering
Harri Levo
What it is?
O Leading the user in social media into wanted

direction
O Aka. Manipulation of the user

O Based on human co...
Miss usage techniques
O Pretexting
O Phishing and phone phishing
O Baiting
O Tailgating

O Virus hoax
O Confidence trickin...
How it’s done
Pretexting
O Acquiring information

from the user through
a lie
O A social security

number for
identificati...
Baiting
O Leaving a obvious trace
O Usb-stick
O Cd-rom

O For web users the

hacker leaves an
obvious lead such as a
link....
Virus hoax

O Miss guiding to think

that the user is under
a virus attack
O Email suggest the

user to forward the
mail t...
Tailgating
O AKA. Piggybacking
O Using an authors information to enter the data

base

O The it-support person in a compan...
How to protect yourself
O Be skeptic, if something's too good to be

true, it probably is
O Don’t connect your computer, l...
Sources
O http://searchcio.techtarget.com/definition/pretexting
O http://www.microsoft.com/security/online-privacy/phishin...
Upcoming SlideShare
Loading in …5
×

Harri levo social engineering

358
-1

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
358
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Harri levo social engineering

  1. 1. Social Engineering Harri Levo
  2. 2. What it is? O Leading the user in social media into wanted direction O Aka. Manipulation of the user O Based on human cognitive decision making O Miss guiding the user O Can be used for commercial use or for hacking
  3. 3. Miss usage techniques O Pretexting O Phishing and phone phishing O Baiting O Tailgating O Virus hoax O Confidence tricking O Corner game
  4. 4. How it’s done Pretexting O Acquiring information from the user through a lie O A social security number for identification O Similar to ”security questions” Phishing O Main goal to gain capital O Gather data through malwares: O Emails O SMS O Links O Phone calls can be also used through “paid numbers calling to users”
  5. 5. Baiting O Leaving a obvious trace O Usb-stick O Cd-rom O For web users the hacker leaves an obvious lead such as a link. O Tempting user to do what the hacker wants Corner game O Changing a deliver of a company into a different place. O Diversion theft O Miss guiding a deliver person O ”old school” yet still used
  6. 6. Virus hoax O Miss guiding to think that the user is under a virus attack O Email suggest the user to forward the mail to other users. O Lives through the users good belief Confidence tricking O A combination of other tricks O 6 stages O O O O O O Foundation work Approach Build-up Pay-off The Hurrah In-and-out O Benefitting from the good belief of the user
  7. 7. Tailgating O AKA. Piggybacking O Using an authors information to enter the data base O The it-support person in a company has he’s memory stick compromised, infected by a virus. As he starts using the data base the virus will gather key information from the session. Such as, the routes the data goes when the master password is used. O Tailgating is based on the knowledge of the user interface and the platform of the system. O Old windows DOS.
  8. 8. How to protect yourself O Be skeptic, if something's too good to be true, it probably is O Don’t connect your computer, laptop, phone with devices you’re not certain with O Be a little bit paranoid in the internet if you don’t know what you’re doing O Common sense is the best defense against the misusage of your information.
  9. 9. Sources O http://searchcio.techtarget.com/definition/pretexting O http://www.microsoft.com/security/online-privacy/phishingO O O O O symptoms.aspx http://www.webroot.com/us/en/home/resources/tips/onlineshopping-banking/secure-what-is-social-engineering http://searchsecurity.techtarget.com/definition/virus-hoax http://www.oxforddictionaries.com/definition/english/confide nce-trick http://www.crimes-of-persuasion.com/Victims/victims.htm http://searchsecurity.techtarget.com/tip/Social-engineeringpenetration-testing-Four-effective-techniques
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×