Social Engineering, the Most Powerful Weapon used Phishing Attacks
Upcoming SlideShare
Loading in...5
×
 

Social Engineering, the Most Powerful Weapon used Phishing Attacks

on

  • 566 views

Phishing is a criminal strategy that employs both social engineering and technical deception in order to steal personal, identity and financial data. If we look at the examples of phishing attacks, we ...

Phishing is a criminal strategy that employs both social engineering and technical deception in order to steal personal, identity and financial data. If we look at the examples of phishing attacks, we can see that social engineering schemes usually use hoax emails claiming to be from legitimate organizations and lead recipients to counterfeit websites.

Statistics

Views

Total Views
566
Slideshare-icon Views on SlideShare
566
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Social Engineering, the Most Powerful Weapon used Phishing Attacks Social Engineering, the Most Powerful Weapon used Phishing Attacks Document Transcript

    • Social Engineering, the Most Powerful Weapon used in Phishing Attacks
    • Phishing is a criminal strategy that employs both social engineering and technical deception in order to steal personal, identity and financial data. If we look at the examples of phishing attacks, we can see that social engineering schemes usually use hoax emails claiming to be from legitimate organizations and lead recipients to counterfeit websites. As social engineers depend on the natural helpfulness of people, the emails sent by phishers usually have high open rates.Given below is a fraudulent email claiming to be from FBI director. “Your ID which we are in our database sending to all the crime agencies in America for them to insult you on their website as an internet fraudsters and to warn people from having any deals with you. This would have been solved all this while if you had gotten the CERTIFICATE ENDORSED AND STAMPED as you were instructed in the email below. This is the federal bureau of investigation (FBI) am writing in response to the e-mail you sent to us and am using this medium to inform you that there is no more time left to waste because you have been given a mandate. As stated earlier to have the document endorsed, signed and stamped without fail and you must adhere to this directive to avoid you blaming yourself at least when we must have arrested and jailed you for life and all your properties will be seized and bank account will be confiscated too………. As a good Christian and a Honest man, I decided to see how i could be of help to you because i would not be happy to see you end up in jail and all your properties confiscated all because your information's was used to carry out a fraudulent transaction, i called the EFCC and they directed me to a private attorney who can help you get the process done and he stated that he will endorse and stamp the document at the sum of $98 USD only and I believe this process is cheaper for you.” Phishers are highly confident of getting high open rates for this kind of emails since it appeals to the fear of the victims. Therefore, in today’s world that is becoming more and more hacker friendly, enterprises need to employ different ways to protect against phishing. While several solutions are available to protect from technology attacks, the two most vulnerable areas remain the people and process. A strategic phishing attack specifically targets these two areas. Attackers are well aware that these are the most difficult zones to guard.
    • Therefore, enterprises need to put in place an effective solution that helps to prevent phishing attacks by running simulated phishing attacks on employees to assess how they respond to such an attack. This provides an instant behavioural analysis that leverages a "teaching moment". It also includes a prioritized action plan to reduce possible threats due to such attacks in the future.This helps to increase employee's phishing awareness and significantly reduce the chance of loss of sensitive data. Read More About: Longline Phishing Attacks, Protect Against Phishing Scams, Best Anti Phishing Software, Enterprise Spear Phishing Definition