0% found this document useful (0 votes)
62 views10 pages

Social Engineering

Social engineering is an attack that manipulates people into revealing confidential information through exploiting human weaknesses. It can involve reverse social engineering where the attacker poses as needing help, phishing through email and phone calls, or impersonating authority figures. Countermeasures include being suspicious of unsolicited requests, verifying information independently, and securing devices. Knowing social engineering techniques helps prevent unauthorized access and data theft, while being uninformed leaves systems vulnerable.
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
62 views10 pages

Social Engineering

Social engineering is an attack that manipulates people into revealing confidential information through exploiting human weaknesses. It can involve reverse social engineering where the attacker poses as needing help, phishing through email and phone calls, or impersonating authority figures. Countermeasures include being suspicious of unsolicited requests, verifying information independently, and securing devices. Knowing social engineering techniques helps prevent unauthorized access and data theft, while being uninformed leaves systems vulnerable.
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 10

Social Engineering

What is Social Engineering?


• Is an attack that preys on the “Human Factor”.
• It takes advantage of people’s weaknesses and vulnerabilities.
• It is the art of manipulating people or playing tricks to give up
confidential information mostly for financial gain or self-interest such
as passwords or bank information.
Three (3) classic social engineering tricks
• Reverse Social Engineering
• Email and Phone Calls
• Authority Abuse
Reverse Social engineering
• A type of attack that the user is put in the position wherein the user
needs to ask help from the attacker.

Example:
• A hacker brings down a target network, and then contacts the target
pretending to be a technician, in order to get a user to give
information.
Email and Phone Calls
• Are described as a direct social engineering approach, but have less
probability of success since the person targeted can simply ignore the
email and the phone call.

Example:
• Phishing
Authority Abuse
• Attackers can pose to be a member of the organization with higher
authority and request for usernames and passwords, may use
meeting a deadline as an excuse.
Countermeasures
• Slow Down. Spammers want you to act first and think later.
• Research the facts. Be suspicious of any unsolicited message.
• Delete requests for help or offers of help. Legitimate companies and
organizations do not contact you to provide help.
• Curiosity leads to careless clicking – if you don’t know what the email
is about, clicking links is a poor choice.
• Don’t let a link in control where you land. Stay in control by finding
the website yourself using a search engine to be sure you land where
you intend to land.
More countermeasures….
• Email Hijacking is rampant. Hackers, spammers, and social engineers
taking over control of people’s email accounts has become rampant.
• Beware of any download.
• Foreign offers are fake.
• Set your spam filters to high.
• Secure your computing devices.
Advantages of knowing how Social Engineering Techniques
are effective includes:
• Prevents unauthorized access from occurring.
• Prevents possible information theft.
• Prevents the possibility of downloading malicious software on
unsuspecting user systems.
• Preserves the integrity of Information Systems.
Disadvantages of being uninformed with respect to Social
Engineering Techniques are effective includes:
• Possible data theft.
• Possible identity theft.
• Possible corruption of data.
• Possible unplanned system downtime.
• Possible (physical) Security Threat.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy