SlideShare a Scribd company logo

Social engineering

Download as PPTX, PDF
H
HHSome

Social engineering is the art of manipulating people into divulging confidential or personal information that may be used for fraudulent purposes. It works by exploiting human psychology rather than technical hacking skills. Common social engineering techniques include posing as an authorized employee, gathering information to gain trust, and reading body language. To protect against social engineering, organizations should implement strong password policies, use two-factor authentication, provide security awareness training to employees, and foster a security-conscious culture.

EducationTechnologyBusiness
1 of 10
Social Engineering Presented by Md. Mukul Hossen
What is social engineering?  Social engineering is essentially the art of gaining access to buildings, systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques. For example, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an IT support person, trying to trick the employee into divulging his password.
Why do people fall for social engineering techniques?  People are fooled every day by these cons because they haven't been adequately warned about social engineers. most people won't recognize a social engineer's tricks because they are often very sophisticated. Social engineers use a number of psychological tactics on unsuspecting victims. They simply act like they belong in a facility, even if they should not be, and their confidence and body posture puts others at ease.  It is quite difficult to identify them because of
Social engineer’s motives Financial gain Personal interest External pressure Intellectual challenge Damage containment (Personal) grievance Politics
Some Social Engineering Exploit Techniques……….  Familiarity Exploit –People are way more comfortable responding and carrying out requests by familiar people than they are with complete strangers.  Creating a hostile situation – People withdraw from those that appear to be mad, upset or angry at something or someone other than themselves. For example, if you are on the phone and fake having a heated conversation with someone people around you will absolutely notice you but they will go out of their way to avoid you as well.
Continue….  Gathering and Using Information – When it comes right down to it the key to being a successful social engineer is information gathering.  Get a Job There – Once you are on the inside you become way more trusted, even if you are a lowly clerk. Social engineering a co-worker is usually a piece of cake given the assumed trust you'll have as a fellow employee.  Reading body language – An experienced Social engineer will read and respond to their mark's body language.
How to protect Against Social Engineering?  Password Management: Guidelines such as the number and type of characters that each password must include, how often a password must be changed, and even a simple declaration that employees should not disclose passwords to anyone (even if they believe they are speaking with someone at the corporate help desk) will help secure information assets.  Two-Factor Authentication: Authentication for high-risk network services such as modem pools and VPNs should use two-factor authentication rather than fixed passwords.  Anti-Virus/Anti-Phishing Defences: Multiple layers of anti-virus defences, such as at mail gateways and end-user desktops, can minimize the threat of phishing and other social-engineering attacks.
Continue…….  Change Management: A documented change- management process is more secure than an ad-hoc process, which is more easily exploited by an attacker who claims to be in a crisis.  Information Classification: A classification policy should clearly describe what information is considered sensitive and how to label and handle it.  Document Handling and Destruction: Sensitive documents and media must be securely disposed of and not simply thrown out with the regular office trash.  Physical Security: The organization should have effective physical security controls such as visitor logs, escort requirements, and background checks.
Continue…..  Organizations must address social- engineering threats as part of an overall riskmanagement strategy. The best way to mitigate the risk posed by rapidly evolving social-engineering methods is through an organizational commitment to a securityaware culture. On-going training will provide employees with the tools they need to recognize and respond to social-engineering threats, and support from the executive staff will create an attitude of ownership and accountability that encourages active participation in the security culture.
Thank you for your attention.

Recommended

Report on Human factor in the financial industry
Report on Human factor in the financial industryReport on Human factor in the financial industry
Report on Human factor in the financial industry
Chandrak Trivedi
 
Case Study
Case StudyCase Study
Case Study
bogans
 
I-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarI-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarClaudia Warwar
 
phishing
phishingphishing
phishingGarth Bruen
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
Ahmad Sharifi
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
IOSR Journals
 
VCU INFO 644 Critical Thinking 1
VCU INFO 644 Critical Thinking 1VCU INFO 644 Critical Thinking 1
VCU INFO 644 Critical Thinking 1tgbrunet
 
Social Engineering-The Underpinning of Unauthorized Access
Social Engineering-The Underpinning of Unauthorized AccessSocial Engineering-The Underpinning of Unauthorized Access
Social Engineering-The Underpinning of Unauthorized AccessKory Edwards
 

Recommended

Report on Human factor in the financial industry
Report on Human factor in the financial industryReport on Human factor in the financial industry
Report on Human factor in the financial industry
Chandrak Trivedi
 
Case Study
Case StudyCase Study
Case Study
bogans
 
I-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarI-Week April 2004 - Claudia Warwar
I-Week April 2004 - Claudia WarwarClaudia Warwar
 
phishing
phishingphishing
phishingGarth Bruen
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and security...
Ahmad Sharifi
 
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
An Overview of Intrusion Detection and Prevention Systems (IDPS) and Security...
IOSR Journals
 
VCU INFO 644 Critical Thinking 1
VCU INFO 644 Critical Thinking 1VCU INFO 644 Critical Thinking 1
VCU INFO 644 Critical Thinking 1tgbrunet
 
Social Engineering-The Underpinning of Unauthorized Access
Social Engineering-The Underpinning of Unauthorized AccessSocial Engineering-The Underpinning of Unauthorized Access
Social Engineering-The Underpinning of Unauthorized AccessKory Edwards
 
Security Transformation
Security TransformationSecurity Transformation
Security Transformation
Faisal Yahya
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
CommLab India – Rapid eLearning Solutions
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Health information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and riskHealth information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and risk
Dr. Lasantha Ranwala
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
Net at Work
 
Health information security 2 : Basic concepts
Health information security 2 : Basic conceptsHealth information security 2 : Basic concepts
Health information security 2 : Basic concepts
Dr. Lasantha Ranwala
 
Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack
newbie2019
 
Passwords are everywhere these days
Passwords are everywhere these daysPasswords are everywhere these days
Passwords are everywhere these days
EssaysREasy
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet SecurityAna Meskovska
 
Cloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentationCloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentation
Kevin Thiele
 
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
Pace IT at Edmonds Community College
 
First Responders Course - Session 5 - First Response [2004]
First Responders Course - Session 5 - First Response [2004]First Responders Course - Session 5 - First Response [2004]
First Responders Course - Session 5 - First Response [2004]
Phil Huggins FBCS CITP
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
Pace IT at Edmonds Community College
 
Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?
Globizzcon
 
e commerce security and fraud protection
e commerce security and fraud protectione commerce security and fraud protection
e commerce security and fraud protection
tumetr1
 
E-commerce & Security
E-commerce & SecurityE-commerce & Security
E-commerce & SecurityNetstarterSL
 
Cybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation SlidesCybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation Slides
SlideTeam
 
E sec chaptr-1
E sec chaptr-1E sec chaptr-1
E sec chaptr-1
123aleena
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patchingphanleson
 
Fungi
FungiFungi
Fungijdrinks
 
Invt ques
Invt quesInvt ques
Invt quesGian Matharu
 

More Related Content

What's hot

Security Transformation
Security TransformationSecurity Transformation
Security Transformation
Faisal Yahya
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
CommLab India – Rapid eLearning Solutions
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Health information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and riskHealth information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and risk
Dr. Lasantha Ranwala
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
Net at Work
 
Health information security 2 : Basic concepts
Health information security 2 : Basic conceptsHealth information security 2 : Basic concepts
Health information security 2 : Basic concepts
Dr. Lasantha Ranwala
 
Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack
newbie2019
 
Passwords are everywhere these days
Passwords are everywhere these daysPasswords are everywhere these days
Passwords are everywhere these days
EssaysREasy
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet SecurityAna Meskovska
 
Cloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentationCloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentation
Kevin Thiele
 
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
Pace IT at Edmonds Community College
 
First Responders Course - Session 5 - First Response [2004]
First Responders Course - Session 5 - First Response [2004]First Responders Course - Session 5 - First Response [2004]
First Responders Course - Session 5 - First Response [2004]
Phil Huggins FBCS CITP
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
Pace IT at Edmonds Community College
 
Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?
Globizzcon
 
e commerce security and fraud protection
e commerce security and fraud protectione commerce security and fraud protection
e commerce security and fraud protection
tumetr1
 
E-commerce & Security
E-commerce & SecurityE-commerce & Security
E-commerce & SecurityNetstarterSL
 
Cybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation SlidesCybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation Slides
SlideTeam
 
E sec chaptr-1
E sec chaptr-1E sec chaptr-1
E sec chaptr-1
123aleena
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patchingphanleson
 

What's hot (20)

Security Transformation
Security TransformationSecurity Transformation
Security Transformation
 
Employee Security Awareness Program
Employee Security Awareness ProgramEmployee Security Awareness Program
Employee Security Awareness Program
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
Health information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and riskHealth information security 3 vulnerability threat and risk
Health information security 3 vulnerability threat and risk
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
 
Health information security 2 : Basic concepts
Health information security 2 : Basic conceptsHealth information security 2 : Basic concepts
Health information security 2 : Basic concepts
 
Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack Chapter 4 vulnerability threat and attack
Chapter 4 vulnerability threat and attack
 
Passwords are everywhere these days
Passwords are everywhere these daysPasswords are everywhere these days
Passwords are everywhere these days
 
2 Security And Internet Security
2 Security And Internet Security2 Security And Internet Security
2 Security And Internet Security
 
Cloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentationCloud expo 2016 kevin presentation
Cloud expo 2016 kevin presentation
 
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
 
First Responders Course - Session 5 - First Response [2004]
First Responders Course - Session 5 - First Response [2004]First Responders Course - Session 5 - First Response [2004]
First Responders Course - Session 5 - First Response [2004]
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
 
Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?Is the IT security gap a threat to SMBS?
Is the IT security gap a threat to SMBS?
 
e commerce security and fraud protection
e commerce security and fraud protectione commerce security and fraud protection
e commerce security and fraud protection
 
E-commerce & Security
E-commerce & SecurityE-commerce & Security
E-commerce & Security
 
Cybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation SlidesCybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation Slides
 
E sec chaptr-1
E sec chaptr-1E sec chaptr-1
E sec chaptr-1
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patching
 

Viewers also liked

FIIB Leadership Program 2013-14-Shreesti Ghosh
FIIB Leadership Program 2013-14-Shreesti GhoshFIIB Leadership Program 2013-14-Shreesti Ghosh
FIIB Leadership Program 2013-14-Shreesti GhoshShreesti Ghosh
 
Mdp 511 2012 organizations in development - session 1
Mdp 511 2012 organizations in development - session 1Mdp 511 2012 organizations in development - session 1
Mdp 511 2012 organizations in development - session 1
ANDREA_BEAR
 
State of Rural Minnesota 2013-full report
State of Rural Minnesota 2013-full reportState of Rural Minnesota 2013-full report
State of Rural Minnesota 2013-full report
Center for Rural Policy & Development
 
Lisa Koivunen, Risks and Threats in over promoting
Lisa Koivunen, Risks and Threats in over promotingLisa Koivunen, Risks and Threats in over promoting
Lisa Koivunen, Risks and Threats in over promoting
HHSome
 
Vocabulary yr
Vocabulary yrVocabulary yr
Vocabulary yrjdrinks
 
Be Intent Pitch
Be Intent PitchBe Intent Pitch
Be Intent Pitchinnovyz
 
电能计量技术手册
电能计量技术手册电能计量技术手册
电能计量技术手册k214yen
 
Como insertar videos e hipervinculos en una pagina web
Como insertar videos e hipervinculos en una pagina webComo insertar videos e hipervinculos en una pagina web
Como insertar videos e hipervinculos en una pagina webArturo Arcela
 
Global warming.jasper
Global warming.jasperGlobal warming.jasper
Global warming.jasper
jasperhu
 
Biologia dos
Biologia dosBiologia dos
Biologia dos
bachilleres 5
 
DeSmart - get to know us!
DeSmart - get to know us!DeSmart - get to know us!
DeSmart - get to know us!
Ewa Norweg
 
iCollect Q&A
iCollect Q&AiCollect Q&A
iCollect Q&A
International Wealth Management & Control
 
Ntl sources slides 2011 gpo
Ntl sources slides 2011 gpoNtl sources slides 2011 gpo
Ntl sources slides 2011 gpoRosalyn Alleman
 
ลัทธิสังคมนิยม
ลัทธิสังคมนิยมลัทธิสังคมนิยม
ลัทธิสังคมนิยม
Marissa Meester
 

Viewers also liked (20)

Fungi
FungiFungi
Fungi
 
Invt ques
Invt quesInvt ques
Invt ques
 
FIIB Leadership Program 2013-14-Shreesti Ghosh
FIIB Leadership Program 2013-14-Shreesti GhoshFIIB Leadership Program 2013-14-Shreesti Ghosh
FIIB Leadership Program 2013-14-Shreesti Ghosh
 
Mdp 511 2012 organizations in development - session 1
Mdp 511 2012 organizations in development - session 1Mdp 511 2012 organizations in development - session 1
Mdp 511 2012 organizations in development - session 1
 
Sot 2008 revisi
Sot 2008 revisiSot 2008 revisi
Sot 2008 revisi
 
Fdlp presentation
Fdlp presentationFdlp presentation
Fdlp presentation
 
State of Rural Minnesota 2013-full report
State of Rural Minnesota 2013-full reportState of Rural Minnesota 2013-full report
State of Rural Minnesota 2013-full report
 
1
11
1
 
Lisa Koivunen, Risks and Threats in over promoting
Lisa Koivunen, Risks and Threats in over promotingLisa Koivunen, Risks and Threats in over promoting
Lisa Koivunen, Risks and Threats in over promoting
 
Vocabulary yr
Vocabulary yrVocabulary yr
Vocabulary yr
 
Be Intent Pitch
Be Intent PitchBe Intent Pitch
Be Intent Pitch
 
电能计量技术手册
电能计量技术手册电能计量技术手册
电能计量技术手册
 
Como insertar videos e hipervinculos en una pagina web
Como insertar videos e hipervinculos en una pagina webComo insertar videos e hipervinculos en una pagina web
Como insertar videos e hipervinculos en una pagina web
 
Global warming.jasper
Global warming.jasperGlobal warming.jasper
Global warming.jasper
 
Biologia dos
Biologia dosBiologia dos
Biologia dos
 
Cv
CvCv
Cv
 
DeSmart - get to know us!
DeSmart - get to know us!DeSmart - get to know us!
DeSmart - get to know us!
 
iCollect Q&A
iCollect Q&AiCollect Q&A
iCollect Q&A
 
Ntl sources slides 2011 gpo
Ntl sources slides 2011 gpoNtl sources slides 2011 gpo
Ntl sources slides 2011 gpo
 
ลัทธิสังคมนิยม
ลัทธิสังคมนิยมลัทธิสังคมนิยม
ลัทธิสังคมนิยม
 

Similar to Social engineering

Social engineering
Social engineering Social engineering
Social engineering
Vîñàý Pãtêl
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman
 
Social Engineering Attacks in IT World
Social Engineering Attacks in IT WorldSocial Engineering Attacks in IT World
Social Engineering Attacks in IT World
Akshay Mittal
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badbanerjeea
 
Awareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdfAwareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdf
AbdullahKanash
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyRussell Publishing
 
Hacking the Helpdesk, Craig Clark
Hacking the Helpdesk, Craig ClarkHacking the Helpdesk, Craig Clark
Hacking the Helpdesk, Craig Clark
Service Desk Institute
 
Hacking the Helpdesk: Social Engineering Risks
Hacking the Helpdesk: Social Engineering RisksHacking the Helpdesk: Social Engineering Risks
Hacking the Helpdesk: Social Engineering Risks
Craig Clark ITIL, CIS LI,EU GDPR P
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemAustin Eppstein
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkInsiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
 
What Social Engineering is.pdf
What Social Engineering is.pdfWhat Social Engineering is.pdf
What Social Engineering is.pdf
kamranrazzaq8
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Ncell
 
Tech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapTech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapDominic Vogel
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
Caroline Johnson
 
Darktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalDarktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digital
CMR WORLD TECH
 
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking FrameworkSocial engineering: A Human Hacking Framework
Social engineering: A Human Hacking Framework
Jahangirnagar University
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptx
Skippedltd
 
Learn About Social Engineering Services - Aardwolf Security
Learn About Social Engineering Services - Aardwolf SecurityLearn About Social Engineering Services - Aardwolf Security
Learn About Social Engineering Services - Aardwolf Security
Aardwolf Security
 

Similar to Social engineering (20)

Social engineering
Social engineering Social engineering
Social engineering
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
 
Social Engineering Attacks in IT World
Social Engineering Attacks in IT WorldSocial Engineering Attacks in IT World
Social Engineering Attacks in IT World
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
 
Awareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdfAwareness Security Session 2023 v1.0.pptx.pdf
Awareness Security Session 2023 v1.0.pptx.pdf
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
 
Hacking the Helpdesk, Craig Clark
Hacking the Helpdesk, Craig ClarkHacking the Helpdesk, Craig Clark
Hacking the Helpdesk, Craig Clark
 
Hacking the Helpdesk: Social Engineering Risks
Hacking the Helpdesk: Social Engineering RisksHacking the Helpdesk: Social Engineering Risks
Hacking the Helpdesk: Social Engineering Risks
 
EnterpriseImmuneSystem
EnterpriseImmuneSystemEnterpriseImmuneSystem
EnterpriseImmuneSystem
 
Darktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystemDarktrace_WhitePaper_EnterpriseImmuneSystem
Darktrace_WhitePaper_EnterpriseImmuneSystem
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkInsiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
 
What Social Engineering is.pdf
What Social Engineering is.pdfWhat Social Engineering is.pdf
What Social Engineering is.pdf
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
Tech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event RecapTech Talent Meetup Hacking Security Event Recap
Tech Talent Meetup Hacking Security Event Recap
 
7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!7 Practices To Safeguard Your Business From Security Breaches!
7 Practices To Safeguard Your Business From Security Breaches!
 
Darktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digitalDarktrace enterprise immune system whitepaper_digital
Darktrace enterprise immune system whitepaper_digital
 
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking FrameworkSocial engineering: A Human Hacking Framework
Social engineering: A Human Hacking Framework
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptx
 
Learn About Social Engineering Services - Aardwolf Security
Learn About Social Engineering Services - Aardwolf SecurityLearn About Social Engineering Services - Aardwolf Security
Learn About Social Engineering Services - Aardwolf Security
 

More from HHSome

Assignment4
Assignment4Assignment4
Assignment4
HHSome
 
Reputational risk on social media
Reputational risk on social mediaReputational risk on social media
Reputational risk on social mediaHHSome
 
Spy Programs
Spy ProgramsSpy Programs
Spy ProgramsHHSome
 
Social media threats and risks: corporate espionage
Social media threats and risks: corporate espionageSocial media threats and risks: corporate espionage
Social media threats and risks: corporate espionage
HHSome
 
Assignment 4 Netiquette Kalle Andersson
Assignment 4 Netiquette Kalle AnderssonAssignment 4 Netiquette Kalle Andersson
Assignment 4 Netiquette Kalle Andersson
HHSome
 
Katharina Urlbauer- SMM A4 Facelessness
Katharina Urlbauer- SMM A4 FacelessnessKatharina Urlbauer- SMM A4 Facelessness
Katharina Urlbauer- SMM A4 FacelessnessHHSome
 
Over posting
Over postingOver posting
Over postingHHSome
 
Censorship
CensorshipCensorship
CensorshipHHSome
 
Piracy and infringement
Piracy and infringement Piracy and infringement
Piracy and infringement HHSome
 
Threaths and risks
Threaths and risksThreaths and risks
Threaths and risksHHSome
 
Threaths and risks
Threaths and risksThreaths and risks
Threaths and risksHHSome
 
Assigment 4 link to prezi
Assigment 4 link to preziAssigment 4 link to prezi
Assigment 4 link to preziHHSome
 
Phishing
PhishingPhishing
Phishing
HHSome
 
Identity thefts
Identity theftsIdentity thefts
Identity thefts
HHSome
 
Personal information
Personal informationPersonal information
Personal informationHHSome
 
Risks and Threats in SoMe: Payments
Risks and Threats in SoMe: PaymentsRisks and Threats in SoMe: Payments
Risks and Threats in SoMe: Payments
HHSome
 
Malware
MalwareMalware
Malware
HHSome
 
Assignment4 yannick kramm
Assignment4 yannick krammAssignment4 yannick kramm
Assignment4 yannick kramm
HHSome
 

More from HHSome (18)

Assignment4
Assignment4Assignment4
Assignment4
 
Reputational risk on social media
Reputational risk on social mediaReputational risk on social media
Reputational risk on social media
 
Spy Programs
Spy ProgramsSpy Programs
Spy Programs
 
Social media threats and risks: corporate espionage
Social media threats and risks: corporate espionageSocial media threats and risks: corporate espionage
Social media threats and risks: corporate espionage
 
Assignment 4 Netiquette Kalle Andersson
Assignment 4 Netiquette Kalle AnderssonAssignment 4 Netiquette Kalle Andersson
Assignment 4 Netiquette Kalle Andersson
 
Katharina Urlbauer- SMM A4 Facelessness
Katharina Urlbauer- SMM A4 FacelessnessKatharina Urlbauer- SMM A4 Facelessness
Katharina Urlbauer- SMM A4 Facelessness
 
Over posting
Over postingOver posting
Over posting
 
Censorship
CensorshipCensorship
Censorship
 
Piracy and infringement
Piracy and infringement Piracy and infringement
Piracy and infringement
 
Threaths and risks
Threaths and risksThreaths and risks
Threaths and risks
 
Threaths and risks
Threaths and risksThreaths and risks
Threaths and risks
 
Assigment 4 link to prezi
Assigment 4 link to preziAssigment 4 link to prezi
Assigment 4 link to prezi
 
Phishing
PhishingPhishing
Phishing
 
Identity thefts
Identity theftsIdentity thefts
Identity thefts
 
Personal information
Personal informationPersonal information
Personal information
 
Risks and Threats in SoMe: Payments
Risks and Threats in SoMe: PaymentsRisks and Threats in SoMe: Payments
Risks and Threats in SoMe: Payments
 
Malware
MalwareMalware
Malware
 
Assignment4 yannick kramm
Assignment4 yannick krammAssignment4 yannick kramm
Assignment4 yannick kramm
 

Recently uploaded

"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
SACHIN R KONDAGURI
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
siemaillard
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
TechSoup
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
Pavel ( NSTU)
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
Balvir Singh
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
gb193092
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
EugeneSaldivar
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
Jisc
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
Multithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race conditionMultithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race condition
Mohammed Sikander
 
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free downloadThe French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
Vivekanand Anglo Vedic Academy
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
deeptiverma2406
 

Recently uploaded (20)

"Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe..."Protectable subject matters, Protection in biotechnology, Protection of othe...
"Protectable subject matters, Protection in biotechnology, Protection of othe...
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 
Introduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp NetworkIntroduction to AI for Nonprofits with Tapp Network
Introduction to AI for Nonprofits with Tapp Network
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
Synthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptxSynthetic Fiber Construction in lab .pptx
Synthetic Fiber Construction in lab .pptx
 
Operation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela TaraOperation Blue Star - Saka Neela Tara
Operation Blue Star - Saka Neela Tara
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
Marketing internship report file for MBA
Marketing internship report file for MBAMarketing internship report file for MBA
Marketing internship report file for MBA
 
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
Supporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptxSupporting (UKRI) OA monographs at Salford.pptx
Supporting (UKRI) OA monographs at Salford.pptx
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
Multithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race conditionMultithreading_in_C++ - std::thread, race condition
Multithreading_in_C++ - std::thread, race condition
 
The French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free downloadThe French Revolution Class 9 Study Material pdf free download
The French Revolution Class 9 Study Material pdf free download
 
Best Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDABest Digital Marketing Institute In NOIDA
Best Digital Marketing Institute In NOIDA
 

Social engineering

  • 2. What is social engineering?  Social engineering is essentially the art of gaining access to buildings, systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques. For example, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an IT support person, trying to trick the employee into divulging his password.
  • 3. Why do people fall for social engineering techniques?  People are fooled every day by these cons because they haven't been adequately warned about social engineers. most people won't recognize a social engineer's tricks because they are often very sophisticated. Social engineers use a number of psychological tactics on unsuspecting victims. They simply act like they belong in a facility, even if they should not be, and their confidence and body posture puts others at ease.  It is quite difficult to identify them because of
  • 4. Social engineer’s motives Financial gain Personal interest External pressure Intellectual challenge Damage containment (Personal) grievance Politics
  • 5. Some Social Engineering Exploit Techniques……….  Familiarity Exploit –People are way more comfortable responding and carrying out requests by familiar people than they are with complete strangers.  Creating a hostile situation – People withdraw from those that appear to be mad, upset or angry at something or someone other than themselves. For example, if you are on the phone and fake having a heated conversation with someone people around you will absolutely notice you but they will go out of their way to avoid you as well.
  • 6. Continue….  Gathering and Using Information – When it comes right down to it the key to being a successful social engineer is information gathering.  Get a Job There – Once you are on the inside you become way more trusted, even if you are a lowly clerk. Social engineering a co-worker is usually a piece of cake given the assumed trust you'll have as a fellow employee.  Reading body language – An experienced Social engineer will read and respond to their mark's body language.
  • 7. How to protect Against Social Engineering?  Password Management: Guidelines such as the number and type of characters that each password must include, how often a password must be changed, and even a simple declaration that employees should not disclose passwords to anyone (even if they believe they are speaking with someone at the corporate help desk) will help secure information assets.  Two-Factor Authentication: Authentication for high-risk network services such as modem pools and VPNs should use two-factor authentication rather than fixed passwords.  Anti-Virus/Anti-Phishing Defences: Multiple layers of anti-virus defences, such as at mail gateways and end-user desktops, can minimize the threat of phishing and other social-engineering attacks.
  • 8. Continue…….  Change Management: A documented change- management process is more secure than an ad-hoc process, which is more easily exploited by an attacker who claims to be in a crisis.  Information Classification: A classification policy should clearly describe what information is considered sensitive and how to label and handle it.  Document Handling and Destruction: Sensitive documents and media must be securely disposed of and not simply thrown out with the regular office trash.  Physical Security: The organization should have effective physical security controls such as visitor logs, escort requirements, and background checks.
  • 9. Continue…..  Organizations must address social- engineering threats as part of an overall riskmanagement strategy. The best way to mitigate the risk posed by rapidly evolving social-engineering methods is through an organizational commitment to a securityaware culture. On-going training will provide employees with the tools they need to recognize and respond to social-engineering threats, and support from the executive staff will create an attitude of ownership and accountability that encourages active participation in the security culture.
  • 10. Thank you for your attention.