Presentation is loading. Please wait.

Presentation is loading. Please wait.

Social Engineering as a Means of Exploitation Carrie Estes.

Published byHolly Norman Modified over 8 years ago

Similar presentations

Presentation on theme: "Social Engineering as a Means of Exploitation Carrie Estes."— Presentation transcript:

1 Social Engineering as a Means of Exploitation Carrie Estes

2  What is social engineering?  How is it technical in nature?  How does an average attack progress?  Examples of some attacks.  How can one defend against such attacks? Roadmap

3  Social engineering is the art of manipulation to get what you want.  It takes confidence, research, time, and people who believe you are who you say you are. What is social engineering?

4  Social engineering itself is only one step in a long list of steps to getting information from a company.  To pull off a successful attack, the attacker needs a lot of information.  This information comes from research and hacking into places in a company. How is it technical in nature?

5  When an attacker is getting ready to pull off a social engineering attack, he or she needs to do research on the company and employees. From this, they will gain vital information to be used. Phone calls and emails can be sent out to gain even more vital information. How does an average attack progress?

6 Social engineering techniques

7 Examples The colors and words puzzle that everyone saw as a kid. Did you know that it is considered social engineering?

8  Oscar Grace became a PI  Woman’s husband moved funds  Wants to know where they are due to getting a divorce  Made three phone calls Examples

9  Computer center manager fell for attack by a person barely out of their teens.  Danny wanted super secret encryption software from a top manufacturer of secure radio systems.  He didn’t want to steal it. Examples

10  There is no concrete way to defend against these attacks.  There are, however, some things that can be done to diminish the risk.  Security awareness training  Mock social engineering drills, etc  Physical security  Background verification How does one defend against such attacks?

11  We discussed  What is social engineering?  How is it technical in nature?  How does an average attack progress?  Examples of some attacks.  How one can defend against such attacks. Review

12 Questions?

13  "Social Engineering (security)." Wikipedia. Wikimedia Foundation, 25 Mar. 2013. Web. 27 Mar. 2013..  Mitnick, Kevin D., and William L. Simon. The Art of Deception: Controlling the Human Element of Security. Indianapolis, IN: Wiley Pub., 2002. Print.  Shetty, Dines. "Social Engineering - The Human Factor | Www.SecurityXploded.com." Social Engineering - The Human Factor | Www.SecurityXploded.com. SecurityXploded, 2007. Web. 27 Mar. 2013.. References

14 Fun picture

Download ppt "Social Engineering as a Means of Exploitation Carrie Estes."

Similar presentations

Electronic Voting Systems

Electronic Voting Systems
PhoenixPro Procurement. technology. contracts. projects.

PhoenixPro Procurement. technology. contracts. projects.
Introduction and Overview of Digital Crime and Digital Terrorism

Introduction and Overview of Digital Crime and Digital Terrorism
The Art of Social Hacking

The Art of Social Hacking
INTERNET SAFETY.

INTERNET SAFETY.
Information Security Awareness Training

Information Security Awareness Training
SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.

SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.
AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.
Social Engineering Networks Reid Chapman Ciaran Hannigan.

Social Engineering Networks Reid Chapman Ciaran Hannigan.
Sangeet Bhullar Director, WISE KIDS www.wisekids.org.uk Promoting Positive and Safe Internet Use www.wisekids.org.uk WISE KIDS Pilot Internet Mentor Programme.

Sangeet Bhullar Director, WISE KIDS Promoting Positive and Safe Internet Use WISE KIDS Pilot Internet Mentor Programme.
Welcome to New Hire Orientation Information Security

Welcome to New Hire Orientation Information Security
The Art of Deception - Controlling Human Element of Security - Shohei Hagiwara November 17th, 2009.

The Art of Deception - Controlling Human Element of Security - Shohei Hagiwara November 17th, 2009.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”

Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”
Web Server Security By Michael Huang. Web Server Security - Background Experts gets hacked (AOL, MSN, FBI, CIA, etc…) Loss of Trade Secrets, Company Embarrassment,

Web Server Security By Michael Huang. Web Server Security - Background Experts gets hacked (AOL, MSN, FBI, CIA, etc…) Loss of Trade Secrets, Company Embarrassment,
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Unit 12 Additional Evidence Nihal. 1.1 I can describe what types of information are needed. Business card Business cards are important because they show.

Unit 12 Additional Evidence Nihal. 1.1 I can describe what types of information are needed. Business card Business cards are important because they show.
Cory Bowers Harold Gray Brian Schneider Data Security.

Cory Bowers Harold Gray Brian Schneider Data Security.
Chapter 4.  Can technology alone provide the best security for your organization?

Chapter 4.  Can technology alone provide the best security for your organization?
Cyber crime & Security Prepared by : Rughani Zarana.

Cyber crime & Security Prepared by : Rughani Zarana.

Similar presentations

Ads by Google