SlideShare una empresa de Scribd logo

SECURITY AND SOCIAL ENGINEERING.ppt

Descargar como PPT, PDF
C
CakraWicaksono3

another referention of soceng ppt

Educación
1 de 11
SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say Something! 1
Objectives Understand the principles of social engineering Define the goals of social engineering Recognize the signs of social engineering Identify ways to protect yourself from social engineering Security is Everyone's Responsibility – See Something, Say Something! 2
What is Social Engineering 1. At its core it is manipulating a person into knowingly or unknowingly giving up information; essentially 'hacking' into a person to steal valuable information. • Psychological manipulation • Trickery or Deception for the purpose of information gathering Security is Everyone's Responsibility – See Something, Say Something! 3
What is Social Engineering 2. It is a way for criminals to gain access to information systems. The purpose of social engineering is usually to secretly install spyware, other malicious software or to trick persons into handing over passwords and/or other sensitive financial or personal information Security is Everyone's Responsibility – See Something, Say Something! 4
What is Social Engineering 3. Social engineering is one of the most effective routes to stealing confidential data from organizations, according to Siemens Enterprise Communications, based in Germany. In a recent Siemens test, 85 percent of office workers were duped by engineering. “Most employees are utterly unaware that they are being manipulated,” says Colin Greenlees, security and counter-fraud consultant at Siemens. Security is Everyone's Responsibility – See Something, Say Something! 5
What are they looking for • Obtaining simple information such as your pet's name, where you're from, the places you've visited; information that you'd give out freely to your friends. – Think of yourself as a walking computer, full of valuable information about yourself. You've got a name, address, and valuables. Now categorize those items like a business does. Personally identifiable data, financial information, cardholder data, health insurance data, credit reporting data, and so on… Security is Everyone's Responsibility – See Something, Say Something! 6
What are they looking for • Take a close look at some of the 'secure' sites you log into. Some have a 'secret question' you have to answer, if you cannot remember your username or password. The questions seem pretty tough for an outsider looking into trying to hack into your account. What's the name of your first pet? What is your maiden name? When was your mother/father born? Where were you born? Do these sound familiar? Security is Everyone's Responsibility – See Something, Say Something! 7
Tactics 1. Pretexting – Creating a fake scenario 2. Phishing – Send out bait to fool victims into giving away their information 3. Fake Websites – Molded to look like the real thing. Log in with real credentials that are now compromised 4. Fake Pop-up – Pops up in front of real web site to obtain user credentials Security is Everyone's Responsibility – See Something, Say Something! 8
Protecting Yourself A security aware culture can help employees identify and repel social engineering attacks  Recognize inappropriate requests for information  Take ownership for corporate security  Understand risk and impact of security breeches  Social engineering attacks are personal  Password management  Two factor authentication  Physical security  Understand what information you are putting on the Web for targeting at social network sites Google Twitter MySpace Facebook Personal Blogs LinkedIn Security is Everyone's Responsibility – See Something, Say Something! 9
Protecting Yourself 1. Network defenses to repel virus • Virus protection (McAfee, Norton, Symantec, etc…) • Email attachment scanning • Firewalls, etc… 2. Organizations must decide what information is sensitive 3. Security must be periodically tested 4. Contact your security office immediately if you have any concerns at work Security is Everyone's Responsibility – See Something, Say Something! 10
Security is Everyone's Responsibility – See Something, Say Something! 11

Recomendados

Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009
Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009
Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009Scott Wright
 
Users guide
Users guideUsers guide
Users guideDarren Thomas
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNcell
 
Ict lec#9
Ict lec#9Ict lec#9
Ict lec#9amberkhan59
 
Social Engineering and What to do About it
Social Engineering and What to do About itSocial Engineering and What to do About it
Social Engineering and What to do About itAleksandr Yampolskiy
 
Internet security
Internet securityInternet security
Internet securityMohamed El-malki
 
Ethical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldEthical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldRownel Cerezo Gagani
 
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxCYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxBarakaMuyengi
 

Recomendados

Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009
Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009
Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009Scott Wright
 
Users guide
Users guideUsers guide
Users guideDarren Thomas
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNcell
 
Ict lec#9
Ict lec#9Ict lec#9
Ict lec#9amberkhan59
 
Social Engineering and What to do About it
Social Engineering and What to do About itSocial Engineering and What to do About it
Social Engineering and What to do About itAleksandr Yampolskiy
 
Internet security
Internet securityInternet security
Internet securityMohamed El-malki
 
Ethical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldEthical Dilemmas/Issues in CyberWorld
Ethical Dilemmas/Issues in CyberWorldRownel Cerezo Gagani
 
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxCYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptxBarakaMuyengi
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationJamie Proctor-Brassard
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering OWASP Foundation
 
The Major Types of Cybercrime
The Major Types of CybercrimeThe Major Types of Cybercrime
The Major Types of CybercrimeRubi Orbeta
 
Security and the Service Desk
Security and the Service DeskSecurity and the Service Desk
Security and the Service DeskNorthCoastHDI
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness trainingAbdalrhmanTHassan
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badbanerjeea
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyRussell Publishing
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scamsronpoul
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scamsronpoul
 
computer law.pptx
computer law.pptxcomputer law.pptx
computer law.pptxMouradAKenk
 
What is social engineering & why it is important
What is social engineering & why it is importantWhat is social engineering & why it is important
What is social engineering & why it is importantVikram Khanna
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Lawley Insurance
 
Cyber crime ethics and un ethics
Cyber crime ethics and un ethicsCyber crime ethics and un ethics
Cyber crime ethics and un ethicsMuhammad Umar Farooq
 
Internet Safety.pptx
Internet Safety.pptxInternet Safety.pptx
Internet Safety.pptxAljunMisa
 
Internet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalInternet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalVaishnaviKhandelwal6
 
I’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextI’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextBrian Pichman
 
Information Security
Information SecurityInformation Security
Information SecurityChief Optimist
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessEric Schiowitz
 
Internet Security.pptx
Internet Security.pptxInternet Security.pptx
Internet Security.pptxhavaneb872
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 

Más contenido relacionado

Similar a SECURITY AND SOCIAL ENGINEERING.ppt

National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationJamie Proctor-Brassard
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering OWASP Foundation
 
The Major Types of Cybercrime
The Major Types of CybercrimeThe Major Types of Cybercrime
The Major Types of CybercrimeRubi Orbeta
 
Security and the Service Desk
Security and the Service DeskSecurity and the Service Desk
Security and the Service DeskNorthCoastHDI
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness trainingAbdalrhmanTHassan
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badbanerjeea
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyRussell Publishing
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scamsronpoul
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scamsronpoul
 
computer law.pptx
computer law.pptxcomputer law.pptx
computer law.pptxMouradAKenk
 
What is social engineering & why it is important
What is social engineering & why it is importantWhat is social engineering & why it is important
What is social engineering & why it is importantVikram Khanna
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Lawley Insurance
 
Internet Safety.pptx
Internet Safety.pptxInternet Safety.pptx
Internet Safety.pptxAljunMisa
 
Internet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalInternet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalVaishnaviKhandelwal6
 
I’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextI’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextBrian Pichman
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessEric Schiowitz
 
Internet Security.pptx
Internet Security.pptxInternet Security.pptx
Internet Security.pptxhavaneb872
 

Similar a SECURITY AND SOCIAL ENGINEERING.ppt (20)

National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness Presentation
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
 
The Major Types of Cybercrime
The Major Types of CybercrimeThe Major Types of Cybercrime
The Major Types of Cybercrime
 
Security and the Service Desk
Security and the Service DeskSecurity and the Service Desk
Security and the Service Desk
 
Customer information security awareness training
Customer information security awareness trainingCustomer information security awareness training
Customer information security awareness training
 
Whitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-badWhitepaper-When-Admins-go-bad
Whitepaper-When-Admins-go-bad
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scams
 
Prevent phishing scams
Prevent phishing scamsPrevent phishing scams
Prevent phishing scams
 
computer law.pptx
computer law.pptxcomputer law.pptx
computer law.pptx
 
What is social engineering & why it is important
What is social engineering & why it is importantWhat is social engineering & why it is important
What is social engineering & why it is important
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015
 
Cyber crime ethics and un ethics
Cyber crime ethics and un ethicsCyber crime ethics and un ethics
Cyber crime ethics and un ethics
 
Internet Safety.pptx
Internet Safety.pptxInternet Safety.pptx
Internet Safety.pptx
 
Internet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwalInternet secutity ppt by vaishnavi khandelwal
Internet secutity ppt by vaishnavi khandelwal
 
I’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take NextI’ve Been Hacked  The Essential Steps to Take Next
I’ve Been Hacked  The Essential Steps to Take Next
 
Information Security
Information SecurityInformation Security
Information Security
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity posture
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
 
Internet Security.pptx
Internet Security.pptxInternet Security.pptx
Internet Security.pptx
 

Último

Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...anjaliyadav012327
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajanpragatimahajan3
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...fonyou31
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxShobhayan Kirtania
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Pooja Nehwal
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 

Último (20)

Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
social pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajansocial pharmacy d-pharm 1st year by Pragati K. Mahajan
social pharmacy d-pharm 1st year by Pragati K. Mahajan
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptx
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 

SECURITY AND SOCIAL ENGINEERING.ppt

  • 1. SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say Something! 1
  • 2. Objectives Understand the principles of social engineering Define the goals of social engineering Recognize the signs of social engineering Identify ways to protect yourself from social engineering Security is Everyone's Responsibility – See Something, Say Something! 2
  • 3. What is Social Engineering 1. At its core it is manipulating a person into knowingly or unknowingly giving up information; essentially 'hacking' into a person to steal valuable information. • Psychological manipulation • Trickery or Deception for the purpose of information gathering Security is Everyone's Responsibility – See Something, Say Something! 3
  • 4. What is Social Engineering 2. It is a way for criminals to gain access to information systems. The purpose of social engineering is usually to secretly install spyware, other malicious software or to trick persons into handing over passwords and/or other sensitive financial or personal information Security is Everyone's Responsibility – See Something, Say Something! 4
  • 5. What is Social Engineering 3. Social engineering is one of the most effective routes to stealing confidential data from organizations, according to Siemens Enterprise Communications, based in Germany. In a recent Siemens test, 85 percent of office workers were duped by engineering. “Most employees are utterly unaware that they are being manipulated,” says Colin Greenlees, security and counter-fraud consultant at Siemens. Security is Everyone's Responsibility – See Something, Say Something! 5
  • 6. What are they looking for • Obtaining simple information such as your pet's name, where you're from, the places you've visited; information that you'd give out freely to your friends. – Think of yourself as a walking computer, full of valuable information about yourself. You've got a name, address, and valuables. Now categorize those items like a business does. Personally identifiable data, financial information, cardholder data, health insurance data, credit reporting data, and so on… Security is Everyone's Responsibility – See Something, Say Something! 6
  • 7. What are they looking for • Take a close look at some of the 'secure' sites you log into. Some have a 'secret question' you have to answer, if you cannot remember your username or password. The questions seem pretty tough for an outsider looking into trying to hack into your account. What's the name of your first pet? What is your maiden name? When was your mother/father born? Where were you born? Do these sound familiar? Security is Everyone's Responsibility – See Something, Say Something! 7
  • 8. Tactics 1. Pretexting – Creating a fake scenario 2. Phishing – Send out bait to fool victims into giving away their information 3. Fake Websites – Molded to look like the real thing. Log in with real credentials that are now compromised 4. Fake Pop-up – Pops up in front of real web site to obtain user credentials Security is Everyone's Responsibility – See Something, Say Something! 8
  • 9. Protecting Yourself A security aware culture can help employees identify and repel social engineering attacks  Recognize inappropriate requests for information  Take ownership for corporate security  Understand risk and impact of security breeches  Social engineering attacks are personal  Password management  Two factor authentication  Physical security  Understand what information you are putting on the Web for targeting at social network sites Google Twitter MySpace Facebook Personal Blogs LinkedIn Security is Everyone's Responsibility – See Something, Say Something! 9
  • 10. Protecting Yourself 1. Network defenses to repel virus • Virus protection (McAfee, Norton, Symantec, etc…) • Email attachment scanning • Firewalls, etc… 2. Organizations must decide what information is sensitive 3. Security must be periodically tested 4. Contact your security office immediately if you have any concerns at work Security is Everyone's Responsibility – See Something, Say Something! 10
  • 11. Security is Everyone's Responsibility – See Something, Say Something! 11