Presentation is loading. Please wait.

Presentation is loading. Please wait.

Social Engineering Jero-Jewo. Social Engineering Social engineering is the act of manipulating people into performing actions or divulging confidential.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Social Engineering Jero-Jewo. Social Engineering Social engineering is the act of manipulating people into performing actions or divulging confidential."— Presentation transcript:

1 Social Engineering Jero-Jewo

2 Social Engineering Social engineering is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud or computer system access; in most cases the attacker never comes face-to-face with the victim. – www.wikipedia.orgconfidence trickfraud

3 Case study As a service provider, Duo Consulting helps clients manage the publication of critical business information on their web sites. Integrity and availability are important considerations for Duo when processing requests for changes 99% of requests from clients come from known client contacts.

4 Case Study There is currently a communication process in place to receive and manage requests. How should we handle requests from contacts that are not known?

5 Real World New request comes in from an unknown contact at Setton Farms for ftp access to their web server on a Saturday. Request bounces around until it comes to CTO. Requester is contacted and an inquiry is made about need for ftp access.

6 Real World Contact explains that there is an immediate need to publish critical information about a recall on their site and they have hired a designer to make the updates to their site.

7

8

9 What happened next? Question identity of requester Question authenticity of request

10 What’s missing? We do not have a policy or process in place to confirm identity of contacts making requests We do not have a list of authorized contacts There is a service level agreement in place for managed hosting - but nothing defined about emergency requests from clients that do not have a services support contract in place

11 Next Steps Solve the problems!

Download ppt "Social Engineering Jero-Jewo. Social Engineering Social engineering is the act of manipulating people into performing actions or divulging confidential."

Similar presentations

The Web Wizards Guide to Freeware/Shareware Chapter Four Essential Tools for Web Page Authors.

The Web Wizards Guide to Freeware/Shareware Chapter Four Essential Tools for Web Page Authors.
Web Hosting. The purpose of this Startup Guide is to familiarize you with Own Web Now's Web Hosting. Own Web Now offers two web hosting platforms, one.

Web Hosting. The purpose of this Startup Guide is to familiarize you with Own Web Now's Web Hosting. Own Web Now offers two web hosting platforms, one.
We use a comprehensive approach to reduce costs and increase efficiencies. TMR approaches every project with integrity, dedication, and creativity. We.

We use a comprehensive approach to reduce costs and increase efficiencies. TMR approaches every project with integrity, dedication, and creativity. We.
Creating the Ultimate Online Customer-Service Experience Stefan Beeli, Vice President ESP Computer Services Choosing the proper level of Technology A look.

Creating the Ultimate Online Customer-Service Experience Stefan Beeli, Vice President ESP Computer Services Choosing the proper level of Technology A look.
Social Engineering Training. Training Goals Increase Laboratory Awareness. Provide the tools required to identify, avoid and report advanced Social Engineering.

Social Engineering Training. Training Goals Increase Laboratory Awareness. Provide the tools required to identify, avoid and report advanced Social Engineering.
Web Services and AIXM. Introduction Subramanyam “Subbu” Nadavala Contractor, L-3 Communications FAA Air Traffic Organization (ATO) Information Technology.

Web Services and AIXM. Introduction Subramanyam “Subbu” Nadavala Contractor, L-3 Communications FAA Air Traffic Organization (ATO) Information Technology.
SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.

SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.
AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Security Issues and Challenges in Cloud Computing

Security Issues and Challenges in Cloud Computing
 Single sign-on o Centralized and federated passport o Federated Liberty Alliance and Shibboleth  Authorization o Who can access which resource o ACM.

 Single sign-on o Centralized and federated passport o Federated Liberty Alliance and Shibboleth  Authorization o Who can access which resource o ACM.
0-1 Team # Status Report (1 of 4) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team #: Team Name.

0-1 Team # Status Report (1 of 4) Client Contact –Point 1 –Point 2 Team Meetings –Point 1 –Point 2 Team Organization –Point 1 –Point 2 Team #: Team Name.
0-1 Team # Status Report (1 of 4) Client Contact –Status Point 1 –Status Point 2 Team Meetings –Status Point 1 –Status Point 2 Team Organization –Description.

0-1 Team # Status Report (1 of 4) Client Contact –Status Point 1 –Status Point 2 Team Meetings –Status Point 1 –Status Point 2 Team Organization –Description.
Social Engineering Jero-Jewo. Case study Social engineering is the act of manipulating people into performing actions or divulging confidential information.

Social Engineering Jero-Jewo. Case study Social engineering is the act of manipulating people into performing actions or divulging confidential information.
Syndicators as Attestors of Premium Clicks Sergei Chevtsov, SLAC, 09-14-2007 AdFraud 2007.

Syndicators as Attestors of Premium Clicks Sergei Chevtsov, SLAC, AdFraud 2007.
Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.

Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.
Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”

Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.

Confidential Crisis Management Innovations, LLC. CMI CrisisPad TM Product Overview Copyright © 2011, Crisis Management Innovations, LLC. All Rights Reserved.

Similar presentations

Ads by Google