Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Art of Social Engineering

Published byRalf Phillips Modified over 6 years ago

Similar presentations

Presentation on theme: "The Art of Social Engineering"— Presentation transcript:

1 The Art of Social Engineering
Miriam Baker Sarah Finfrock

2 Miriam Baker Graduated East Mountain Spring 2012
Graduated University of New Mexico Fall 2016 Bachelor of Business Administration with a concentration in Accounting and Finance Minor in Psychology Minor in Economics 4.07 GPA Attending Graduate School at University of New Mexico Will graduate Spring 2018 Master of Science in Information Systems and Assurance

3 Sarah Finfrock Graduated from UNM Graduated from UNM Summa Cum Laude Spring 2016 Bachelor of Business Administration with a concentration in Accounting Attending Graduate School at the Anderson School of Management Anticipated graduation Spring 2018 Master of Accounting with a concentration in Information Assurance

4 Social Engineering Social Engineering:
Using deception to manipulate individuals to gain confidential or personal information. An attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures

5 Types of Social Engineering
Phishing: A form of fraud where the attacker learns personal information by masquerading as a reputable entity or person in , IM or other communication channels Vishing: Fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies to induce individuals to reveal personal information. Pretexting: A form of social engineering in which an individual lies to obtain privileged data. A pretext is a false motive. Pretexting is typically a scam where an individual pretends to need information in order to confirm the identity of the person he is talking to.

6 Types of Social Engineering Continued
Tailgating: Unauthorized individuals follow authorized individuals into a secure location. Baiting: A form of social engineering similar to phishing attacks with the promise of an item or good. Quid Pro Quo: A form of social engineering where a benefit is promised in exchange for information. The benefit is typically a service.

7 History of Social Engineering

8 Ulysses and the Trojan Horse

9 Victor Lustig and the Eiffel Tower

10 George Parker

11 Frank Abagnale

12 Kevin Mitnick

13 Bernie Madoff

14 Signs of Phishing Email from an unofficial address
requires you to take urgent action Generic greetings used Links to other websites Legitimate links mixed with false links

15 Tips to Avoid Phishing Look for characteristics of suspected phishing s Always check the source information of s Do not access sites via links in s Only give out sensitive data on secure sites Periodically monitor your accounts Phishing s can pertain to any website If you have any doubt don’t open the message or click on the link

16

17

18 Jennifer Lawrence Kate Upton Kim Kardashian

19 Ryan Collins 36 years old Pulled off one of the largest celebrity scandals in modern history Ran a phishing scam for 2 years Accessed 50 iCloud Accounts and 72 gmail accounts Faces up to 5 years in federal prison and $250,000 in fines

20 Signs of Vishing Incoming calls with a hidden Caller ID function.
Calls from someone who knows your personal or account information. Callers that address you generically such as "account holder" or "customer" and not by your name. Caller directs you to call another number or proceed to a website to update, verify, activate or reactivate your account.

21 Tips to Avoid Vishing Avoid divulging personal information over the phone Do not respond to strange voice or text messages Initiate calls with your bank, or other institutes Do not simply trust caller ID Be suspicious of all unknown callers

22 Video 1

23 How to Spoof a Call

24 Video 2

25 Social Engineering For Good

26 Video 3

27

28 Information Assurance Program at UNM

Download ppt "The Art of Social Engineering"

Similar presentations

PowerPoint 1: Email fraud/ phishing Lesson 2-2. WHAT IS PHISHING?

PowerPoint 1: fraud/ phishing Lesson 2-2. WHAT IS PHISHING?
Social Engineering Training. Training Goals Increase Laboratory Awareness. Provide the tools required to identify, avoid and report advanced Social Engineering.

Social Engineering Training. Training Goals Increase Laboratory Awareness. Provide the tools required to identify, avoid and report advanced Social Engineering.
SOCIAL ENGINEERING ATTACKS GOWTHAM RAM RAJARAM VIGNESH SELVAKUMAR SELLAMUTHU.

SOCIAL ENGINEERING ATTACKS GOWTHAM RAM RAJARAM VIGNESH SELVAKUMAR SELLAMUTHU.
Phishing Scams use spoofed emails and websites as lures to prompt people to voluntarily hand over sensitive information Phishing emails may contain.

Phishing Scams use spoofed s and websites as lures to prompt people to voluntarily hand over sensitive information Phishing s may contain.
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Friday June 6, 2014 OBJ: SWBAT understand what identity theft is, what the consequences are, and how to prevent it. Drill: What statement is this cartoon.

Friday June 6, 2014 OBJ: SWBAT understand what identity theft is, what the consequences are, and how to prevent it. Drill: What statement is this cartoon.
The Art of Social Hacking

The Art of Social Hacking
How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.

How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.
Aleksandra Kurbatova 111611 IVCM.  What is social engineering?  Types  Pretexting  …  Summary  Conclusion.

Aleksandra Kurbatova IVCM.  What is social engineering?  Types  Pretexting  …  Summary  Conclusion.
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.

1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
8 Mistakes That Expose You to Online Fraud to Online Fraud.

8 Mistakes That Expose You to Online Fraud to Online Fraud.
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
Social Engineering Networks Reid Chapman Ciaran Hannigan.

Social Engineering Networks Reid Chapman Ciaran Hannigan.
Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”

Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”
Materials Developed By: CLARIFI 1-800-989-2227 CLARIFI ID Theft & Scams Don’t be a Victim.

Materials Developed By: CLARIFI CLARIFI ID Theft & Scams Don’t be a Victim.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Social Engineering UTHSC Information Security Team.

Social Engineering UTHSC Information Security Team.
Social Engineering Training. Why Social Engineering Training? The Department of Energy (DOE) authorized the Red Team to perform vulnerability assessments.

Social Engineering Training. Why Social Engineering Training? The Department of Energy (DOE) authorized the Red Team to perform vulnerability assessments.
Day 3 Cybersafety Presented by FJUHSD Teacher Librarian.

Day 3 Cybersafety Presented by FJUHSD Teacher Librarian.
Cybersafety.

Cybersafety.

Similar presentations

Ads by Google