Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2011 IsecT Ltd. Social engineering Spot it and stop it September 2011 Security awareness seminar.

Published byHaley Barrett Modified over 11 years ago

Similar presentations

Presentation on theme: "Copyright © 2011 IsecT Ltd. Social engineering Spot it and stop it September 2011 Security awareness seminar."— Presentation transcript:

1 Copyright © 2011 IsecT Ltd. Social engineering Spot it and stop it September 2011 Security awareness seminar

2 Copyright © 2011 IsecT Ltd. Slide 2 Introduction Social engineering is a way of tricking people into doing things they shouldnt do, such as disclosing secrets

3 Copyright © 2011 IsecT Ltd. Slide 3 Blending-in

4 Copyright © 2011 IsecT Ltd. Slide 4 Who are social engineers? Kids, partners, friends Sales reps Hackers, virus writers Journalists Jilted lovers Industrial spies & unethical competitors Private investigators Spies Former, current or prospective employees Visitors, phone callers, emailers, chatters, gift givers, friends …

5 Copyright © 2011 IsecT Ltd. Slide 5 New tricks Fake survey or prize draw Discarded USB stick, CD, cellphone … Note on the windshield, FAX, letter … Fake maintenance worker, courier, cleaner, auditor, customer, supplier, manager, executive assistant … Lottery win, inheritance or tax refund … Stuck in a hotel, wallet stolen, in a fix Friend or friend of a friend Check out this cool video … Fake job ad and interview

6 Copyright © 2011 IsecT Ltd. Slide 6 How they do it

7 Copyright © 2011 IsecT Ltd. Slide 7 Clues to watch out for Have you ever been pestered by a persistent, pushy sales rep, trying hard to sell you something you really dont want? Parents of 7 year olds will probably appreciate their ability to manipulate us into doing what they want

8 Copyright © 2011 IsecT Ltd. Slide 8 Warning signs Unexpected callers or visitors probing your for information or acting suspiciously Unusual requests, FAXes, emails, text messages, Tweets or phone calls Probing, pushy or threatening behavior Name-dropping or using company slang out of context Evasive, defensive or aggressive reaction when asked to verify their identity Nervousness and other nonspecific clues

9 Copyright © 2011 IsecT Ltd. Slide 9 DART them! D elay A uthenticate R esist T ransfer

10 Copyright © 2011 IsecT Ltd. Slide 10 Front-line defenses I just need to confirm your voicemail : could you reset your PIN code to 1234 please? Mmmm, sounds fishy … Id better refer this call to IT

11 Copyright © 2011 IsecT Ltd. Slide 11 Other aspects

12 Copyright © 2011 IsecT Ltd. Slide 12 Conclusion Be alert for the signs that someone might be socially engineering you, and DART ( D elay, A uthenticate, R esist and T ransfer) them! Report possible social engineering incidents, suspicious calls and near misses to IT Help/Service Desk Help us create a stronger security culture

13 Copyright © 2011 IsecT Ltd. Slide 13 Further information Speak to your manager, call the IT Help/Service desk or contact Information Security. Discuss social engineering with your work colleagues and family. Visit the intranet Security Zone.

Download ppt "Copyright © 2011 IsecT Ltd. Social engineering Spot it and stop it September 2011 Security awareness seminar."

Similar presentations

Building our security culture

Building our security culture
Copyright © 2011 IsecT Ltd. Securing people Security awareness seminar for IT professionals Information Security Awareness September 2011.

Copyright © 2011 IsecT Ltd. Securing people Security awareness seminar for IT professionals Information Security Awareness September 2011.
1 RXQ. 10.4.2 Customer Drop Submitted by Supplier Process Flow Diagram Customer Supplier Distribution Company Supplier sends Drop Request to Distribution.

1 RXQ Customer Drop Submitted by Supplier Process Flow Diagram Customer Supplier Distribution Company Supplier sends Drop Request to Distribution.
1 Sales and Persuasive Messages Mary Ellen Guffey, Business Communication: Process and Product, 4e Copyright © 2003.

1 Sales and Persuasive Messages Mary Ellen Guffey, Business Communication: Process and Product, 4e Copyright © 2003.
1 Hands Off My $$! Preventing & Reporting Financial Abuse Presented by Office of Clients Rights Advocacy.

1 Hands Off My $$! Preventing & Reporting Financial Abuse Presented by Office of Clients Rights Advocacy.
Fraud Protection. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.

Fraud Protection. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.
Social Engineering Training. Training Goals Increase Laboratory Awareness. Provide the tools required to identify, avoid and report advanced Social Engineering.

Social Engineering Training. Training Goals Increase Laboratory Awareness. Provide the tools required to identify, avoid and report advanced Social Engineering.
1 Online Self-Defense: Avoiding Email Scams Chau Mai December 5, 2013.

1 Online Self-Defense: Avoiding Scams Chau Mai December 5, 2013.
Today’s Agenda… Knowledge Check What is Cyber Crime? Identity Theft Phishing Common Scams inc. online and mobile phone scams Prevention Methods.

Today’s Agenda… Knowledge Check What is Cyber Crime? Identity Theft Phishing Common Scams inc. online and mobile phone scams Prevention Methods.
Victoria ISD Common Sense Media Grade 6: Scams and schemes

Victoria ISD Common Sense Media Grade 6: Scams and schemes
Friday June 6, 2014 OBJ: SWBAT understand what identity theft is, what the consequences are, and how to prevent it. Drill: What statement is this cartoon.

Friday June 6, 2014 OBJ: SWBAT understand what identity theft is, what the consequences are, and how to prevent it. Drill: What statement is this cartoon.
What is identity theft, and how can you protect yourself from it?

What is identity theft, and how can you protect yourself from it?
What you don’t know CAN hurt you!

What you don’t know CAN hurt you!
Security Awareness Lloyd Guyot – Steelcase Ed Jaros – Tenundra Inc. July 17, 2003.

Security Awareness Lloyd Guyot – Steelcase Ed Jaros – Tenundra Inc. July 17, 2003.
Linked-In Basics and Networking Tool Finding your way into the right connection.

Linked-In Basics and Networking Tool Finding your way into the right connection.
Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”

Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Internet Fraud By Jessica Habermehl &Ally Erwine Period 9.

Internet Fraud By Jessica Habermehl &Ally Erwine Period 9.
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

Similar presentations

Ads by Google