SlideShare una empresa de Scribd logo
1 de 19
Lesson 2: Social
engineering
Year 9 – Cybersecurity
In this lesson, you will
● Recognise how human errors pose security risks to data
● Implement strategies to minimise the risk of data being compromised
through human error
Lesson 2: Social engineering
2
Objectives
Which rock star are
you?
Starter activity
3
Open a web browser and type in the
following URL to find out:
ncce.io/rockstar
You’ve been a victim of social engineering
Starter activity
How might a hacker use the data
that you have willingly given to
them?
4
Name
Email
address
Date of birth
Mother’s maiden
name
Name of first
pet
Favourite colour
Favourite band
or artist
Data you
submitted
There are lots of technical ways to try and
keep data safe and secure.
Human error arguably creates the largest
risk of the data being compromised.
Social engineering is a set of methods
used by cybercriminals to deceive
individuals into handing over information
that they can use for fraudulent purposes.
Social engineering
5
Activity 1
What’s different about social engineering,
in comparison to other cybercrimes, is that
it is humans trying to trick or manipulate
other humans.
Social engineering
6
Activity 1
Shouldering (also known as
shoulder surfing) is an attack
designed to steal a victim's
password or other sensitive data.
It involves the attacker watching the
victim while they provide sensitive
information, for example, over their
shoulder. This type of attack might
be familiar; it is often used to find out
someone's PIN at a cash machine.
Shouldering
7
Activity 1
These are attacks in which the victim
is asked in an app or a social media
post to combine a few pieces of
information or complete a short quiz
to produce a name.
Attackers do this to find out key
pieces of information that can help
them to answer the security
questions that protect people's
accounts.
Name generator attacks
8
Activity 1
A phishing attack is an attack in
which the victim receives an email
disguised to look as if it has come
from a reputable source, in order to
trick them into giving up valuable
data.
The email usually provides a link to
another website where the
information can be inputted.
Phishing
9
Activity 1
http://l0g1npage.com/B3G7?id=4n
Sending similar messages by SMS is known as
smishing.
It is called phishing, as in ‘fishing’,
because:
● A line is thrown out into a place
where there are many potential
‘fish’ (victims)
● The line has bait on the end in
order to attract the victims
● If a victim bites (clicks the link)
they are hooked in
Phishing
10
Activity 1
● Unexpected email with a request for information
● Message content contains spelling errors
● Suspicious hyperlinks in email
○ Text that is hyperlinked to a web address that contains spelling errors and/or lots of
random numbers and letters
○ Text that is hyperlinked to a domain name that you don't recognise and/or isn't
connected to the email sender
● Generic emails that don't address you by name or contain any
personal information that you would expect the sender to know
Phishing: Key indicators of a phishing email
11
Activity 1
Complete Activity 1 on your worksheet.
Blagging (also known as
pretexting) is an attack in which
the perpetrator invents a scenario
in order to convince the victim to
give them data or money.
This attack often requires the
attacker to maintain a
conversation with the victim until
they are persuaded to give up
whatever the attacker asked for.
Blagging
12
Activity 2
The following email doesn’t
contain a hyperlink to click on, but
it does include suspicious
information.
Think/write/pair/share:
Try to find a minimum of three
things that make this email
suspicious.
Complete this on your
worksheet.
Blagging
13
Activity 2
● Suspicious code in email
(‘Dear <name?>’)
Blagging
14
Activity 2
● Spelling mistakes (‘deer
friend’)
● Unusual use of English (‘a
excitable business
opportunity’)
Blagging
15
Activity 2
Blagging doesn’t only happen via
email.
Watch this video
Phishing or blagging?
16
Watch this video
Questions
What is the difference between
phishing and blagging?
Was what happens on this video
phishing or blagging?
What about the email made it
suspicious?
Activity 2
Put yourself in the shoes of the
cybersecurity team of a national
bank. Your job is to try to prevent
your customers becoming victims of
social engineering.
Complete tasks 4.1 and 4.2 on your
worksheet.
Protecting your customers
17
Activity 3
Use the worksheet to complete the
multiple-choice questions.
Plenary questions
18
Plenary
In this lesson, you...
Recognised that human errors pose
security risks to data
Looked at strategies to minimise the
risk of data being compromised
through human error
Next lesson
19
Next lesson, you will…
Look at common methods used by
hackers and what laws are in place
to act as deterrents
Summary

Más contenido relacionado

Similar a L2 Slides – Cyber security- social engineering year 9.

Cyberattacks the-next-healthcare-epidemic
Cyberattacks the-next-healthcare-epidemicCyberattacks the-next-healthcare-epidemic
Cyberattacks the-next-healthcare-epidemicKate Barney
 
Rules of Netiquette
 Rules of Netiquette Rules of Netiquette
Rules of NetiquetteRochelle Nato
 
CyberFirst-Navigators-Lesson-1-presentation.pptx
CyberFirst-Navigators-Lesson-1-presentation.pptxCyberFirst-Navigators-Lesson-1-presentation.pptx
CyberFirst-Navigators-Lesson-1-presentation.pptxneyoge6666
 
Rules of netiquette-lesson 2.pptx
Rules of netiquette-lesson 2.pptxRules of netiquette-lesson 2.pptx
Rules of netiquette-lesson 2.pptxNoelBuctot1
 
Q3 G11 Empowerment Technologies Module 2.pdf
Q3 G11 Empowerment Technologies Module 2.pdfQ3 G11 Empowerment Technologies Module 2.pdf
Q3 G11 Empowerment Technologies Module 2.pdfBryanSmile
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
Your digital identity - are you feeling lucky?
Your digital identity - are you feeling lucky?Your digital identity - are you feeling lucky?
Your digital identity - are you feeling lucky?Kirsten Thompson
 
Digital literacy 2
Digital literacy 2Digital literacy 2
Digital literacy 2mj_jamal
 
Customer Involvement in Phishing Defence
Customer Involvement in Phishing DefenceCustomer Involvement in Phishing Defence
Customer Involvement in Phishing DefenceJordan Schroeder
 
Human Factor on Information Security -- Origin of Information Leakage
Human Factor on Information Security  -- Origin of Information LeakageHuman Factor on Information Security  -- Origin of Information Leakage
Human Factor on Information Security -- Origin of Information LeakageToru Nakata
 
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptx
WPU ICC Template-2  ... Topic. 2.1.4 Methods Infiltration.pptxWPU ICC Template-2  ... Topic. 2.1.4 Methods Infiltration.pptx
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptxWestern Pacific University
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptCakraWicaksono3
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptpixvilx
 

Similar a L2 Slides – Cyber security- social engineering year 9. (20)

Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Cyberattacks the-next-healthcare-epidemic
Cyberattacks the-next-healthcare-epidemicCyberattacks the-next-healthcare-epidemic
Cyberattacks the-next-healthcare-epidemic
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Rules of Netiquette
 Rules of Netiquette Rules of Netiquette
Rules of Netiquette
 
CyberFirst-Navigators-Lesson-1-presentation.pptx
CyberFirst-Navigators-Lesson-1-presentation.pptxCyberFirst-Navigators-Lesson-1-presentation.pptx
CyberFirst-Navigators-Lesson-1-presentation.pptx
 
How To Catch a Phish: User Awareness and Training
How To Catch a Phish: User Awareness and TrainingHow To Catch a Phish: User Awareness and Training
How To Catch a Phish: User Awareness and Training
 
Phishing mails: Bonnes pratiques
Phishing mails: Bonnes pratiques Phishing mails: Bonnes pratiques
Phishing mails: Bonnes pratiques
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
 
Rules of netiquette-lesson 2.pptx
Rules of netiquette-lesson 2.pptxRules of netiquette-lesson 2.pptx
Rules of netiquette-lesson 2.pptx
 
Q3 G11 Empowerment Technologies Module 2.pdf
Q3 G11 Empowerment Technologies Module 2.pdfQ3 G11 Empowerment Technologies Module 2.pdf
Q3 G11 Empowerment Technologies Module 2.pdf
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity posture
 
Users guide
Users guideUsers guide
Users guide
 
Your digital identity - are you feeling lucky?
Your digital identity - are you feeling lucky?Your digital identity - are you feeling lucky?
Your digital identity - are you feeling lucky?
 
Digital literacy 2
Digital literacy 2Digital literacy 2
Digital literacy 2
 
Customer Involvement in Phishing Defence
Customer Involvement in Phishing DefenceCustomer Involvement in Phishing Defence
Customer Involvement in Phishing Defence
 
Human Factor on Information Security -- Origin of Information Leakage
Human Factor on Information Security  -- Origin of Information LeakageHuman Factor on Information Security  -- Origin of Information Leakage
Human Factor on Information Security -- Origin of Information Leakage
 
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptx
WPU ICC Template-2  ... Topic. 2.1.4 Methods Infiltration.pptxWPU ICC Template-2  ... Topic. 2.1.4 Methods Infiltration.pptx
WPU ICC Template-2 ... Topic. 2.1.4 Methods Infiltration.pptx
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 

Último

TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...Nguyen Thanh Tu Collection
 
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfFICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfPondicherry University
 
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...Nguyen Thanh Tu Collection
 
OSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsOSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsSandeep D Chaudhary
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽中 央社
 
SURVEY I created for uni project research
SURVEY I created for uni project researchSURVEY I created for uni project research
SURVEY I created for uni project researchCaitlinCummins3
 
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptxAnalyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptxLimon Prince
 
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文中 央社
 
Personalisation of Education by AI and Big Data - Lourdes Guàrdia
Personalisation of Education by AI and Big Data - Lourdes GuàrdiaPersonalisation of Education by AI and Big Data - Lourdes Guàrdia
Personalisation of Education by AI and Big Data - Lourdes GuàrdiaEADTU
 
Andreas Schleicher presents at the launch of What does child empowerment mean...
Andreas Schleicher presents at the launch of What does child empowerment mean...Andreas Schleicher presents at the launch of What does child empowerment mean...
Andreas Schleicher presents at the launch of What does child empowerment mean...EduSkills OECD
 
AIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptAIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptNishitharanjan Rout
 
UChicago CMSC 23320 - The Best Commit Messages of 2024
UChicago CMSC 23320 - The Best Commit Messages of 2024UChicago CMSC 23320 - The Best Commit Messages of 2024
UChicago CMSC 23320 - The Best Commit Messages of 2024Borja Sotomayor
 
How to Send Pro Forma Invoice to Your Customers in Odoo 17
How to Send Pro Forma Invoice to Your Customers in Odoo 17How to Send Pro Forma Invoice to Your Customers in Odoo 17
How to Send Pro Forma Invoice to Your Customers in Odoo 17Celine George
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...EADTU
 
When Quality Assurance Meets Innovation in Higher Education - Report launch w...
When Quality Assurance Meets Innovation in Higher Education - Report launch w...When Quality Assurance Meets Innovation in Higher Education - Report launch w...
When Quality Assurance Meets Innovation in Higher Education - Report launch w...Gary Wood
 
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...Nguyen Thanh Tu Collection
 
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading RoomSternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading RoomSean M. Fox
 
Basic Civil Engineering notes on Transportation Engineering & Modes of Transport
Basic Civil Engineering notes on Transportation Engineering & Modes of TransportBasic Civil Engineering notes on Transportation Engineering & Modes of Transport
Basic Civil Engineering notes on Transportation Engineering & Modes of TransportDenish Jangid
 

Último (20)

TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
 
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdfFICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
FICTIONAL SALESMAN/SALESMAN SNSW 2024.pdf
 
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
 
OSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsOSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & Systems
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
 
VAMOS CUIDAR DO NOSSO PLANETA! .
VAMOS CUIDAR DO NOSSO PLANETA!                    .VAMOS CUIDAR DO NOSSO PLANETA!                    .
VAMOS CUIDAR DO NOSSO PLANETA! .
 
SURVEY I created for uni project research
SURVEY I created for uni project researchSURVEY I created for uni project research
SURVEY I created for uni project research
 
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptxAnalyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
Analyzing and resolving a communication crisis in Dhaka textiles LTD.pptx
 
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
 
Personalisation of Education by AI and Big Data - Lourdes Guàrdia
Personalisation of Education by AI and Big Data - Lourdes GuàrdiaPersonalisation of Education by AI and Big Data - Lourdes Guàrdia
Personalisation of Education by AI and Big Data - Lourdes Guàrdia
 
Andreas Schleicher presents at the launch of What does child empowerment mean...
Andreas Schleicher presents at the launch of What does child empowerment mean...Andreas Schleicher presents at the launch of What does child empowerment mean...
Andreas Schleicher presents at the launch of What does child empowerment mean...
 
AIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptAIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.ppt
 
UChicago CMSC 23320 - The Best Commit Messages of 2024
UChicago CMSC 23320 - The Best Commit Messages of 2024UChicago CMSC 23320 - The Best Commit Messages of 2024
UChicago CMSC 23320 - The Best Commit Messages of 2024
 
How to Send Pro Forma Invoice to Your Customers in Odoo 17
How to Send Pro Forma Invoice to Your Customers in Odoo 17How to Send Pro Forma Invoice to Your Customers in Odoo 17
How to Send Pro Forma Invoice to Your Customers in Odoo 17
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
 
OS-operating systems- ch05 (CPU Scheduling) ...
OS-operating systems- ch05 (CPU Scheduling) ...OS-operating systems- ch05 (CPU Scheduling) ...
OS-operating systems- ch05 (CPU Scheduling) ...
 
When Quality Assurance Meets Innovation in Higher Education - Report launch w...
When Quality Assurance Meets Innovation in Higher Education - Report launch w...When Quality Assurance Meets Innovation in Higher Education - Report launch w...
When Quality Assurance Meets Innovation in Higher Education - Report launch w...
 
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
 
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading RoomSternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
 
Basic Civil Engineering notes on Transportation Engineering & Modes of Transport
Basic Civil Engineering notes on Transportation Engineering & Modes of TransportBasic Civil Engineering notes on Transportation Engineering & Modes of Transport
Basic Civil Engineering notes on Transportation Engineering & Modes of Transport
 

L2 Slides – Cyber security- social engineering year 9.

  • 1. Lesson 2: Social engineering Year 9 – Cybersecurity
  • 2. In this lesson, you will ● Recognise how human errors pose security risks to data ● Implement strategies to minimise the risk of data being compromised through human error Lesson 2: Social engineering 2 Objectives
  • 3. Which rock star are you? Starter activity 3 Open a web browser and type in the following URL to find out: ncce.io/rockstar
  • 4. You’ve been a victim of social engineering Starter activity How might a hacker use the data that you have willingly given to them? 4 Name Email address Date of birth Mother’s maiden name Name of first pet Favourite colour Favourite band or artist Data you submitted
  • 5. There are lots of technical ways to try and keep data safe and secure. Human error arguably creates the largest risk of the data being compromised. Social engineering is a set of methods used by cybercriminals to deceive individuals into handing over information that they can use for fraudulent purposes. Social engineering 5 Activity 1
  • 6. What’s different about social engineering, in comparison to other cybercrimes, is that it is humans trying to trick or manipulate other humans. Social engineering 6 Activity 1
  • 7. Shouldering (also known as shoulder surfing) is an attack designed to steal a victim's password or other sensitive data. It involves the attacker watching the victim while they provide sensitive information, for example, over their shoulder. This type of attack might be familiar; it is often used to find out someone's PIN at a cash machine. Shouldering 7 Activity 1
  • 8. These are attacks in which the victim is asked in an app or a social media post to combine a few pieces of information or complete a short quiz to produce a name. Attackers do this to find out key pieces of information that can help them to answer the security questions that protect people's accounts. Name generator attacks 8 Activity 1
  • 9. A phishing attack is an attack in which the victim receives an email disguised to look as if it has come from a reputable source, in order to trick them into giving up valuable data. The email usually provides a link to another website where the information can be inputted. Phishing 9 Activity 1 http://l0g1npage.com/B3G7?id=4n Sending similar messages by SMS is known as smishing.
  • 10. It is called phishing, as in ‘fishing’, because: ● A line is thrown out into a place where there are many potential ‘fish’ (victims) ● The line has bait on the end in order to attract the victims ● If a victim bites (clicks the link) they are hooked in Phishing 10 Activity 1
  • 11. ● Unexpected email with a request for information ● Message content contains spelling errors ● Suspicious hyperlinks in email ○ Text that is hyperlinked to a web address that contains spelling errors and/or lots of random numbers and letters ○ Text that is hyperlinked to a domain name that you don't recognise and/or isn't connected to the email sender ● Generic emails that don't address you by name or contain any personal information that you would expect the sender to know Phishing: Key indicators of a phishing email 11 Activity 1 Complete Activity 1 on your worksheet.
  • 12. Blagging (also known as pretexting) is an attack in which the perpetrator invents a scenario in order to convince the victim to give them data or money. This attack often requires the attacker to maintain a conversation with the victim until they are persuaded to give up whatever the attacker asked for. Blagging 12 Activity 2
  • 13. The following email doesn’t contain a hyperlink to click on, but it does include suspicious information. Think/write/pair/share: Try to find a minimum of three things that make this email suspicious. Complete this on your worksheet. Blagging 13 Activity 2
  • 14. ● Suspicious code in email (‘Dear <name?>’) Blagging 14 Activity 2 ● Spelling mistakes (‘deer friend’) ● Unusual use of English (‘a excitable business opportunity’)
  • 15. Blagging 15 Activity 2 Blagging doesn’t only happen via email. Watch this video
  • 16. Phishing or blagging? 16 Watch this video Questions What is the difference between phishing and blagging? Was what happens on this video phishing or blagging? What about the email made it suspicious? Activity 2
  • 17. Put yourself in the shoes of the cybersecurity team of a national bank. Your job is to try to prevent your customers becoming victims of social engineering. Complete tasks 4.1 and 4.2 on your worksheet. Protecting your customers 17 Activity 3
  • 18. Use the worksheet to complete the multiple-choice questions. Plenary questions 18 Plenary
  • 19. In this lesson, you... Recognised that human errors pose security risks to data Looked at strategies to minimise the risk of data being compromised through human error Next lesson 19 Next lesson, you will… Look at common methods used by hackers and what laws are in place to act as deterrents Summary

Notas del editor

  1. Last updated 21-05-21 Resources are updated regularly — the latest version is available at: ncce.io/tcc. This resource is licensed under the Open Government Licence, version 3. For more information on this licence, see ncce.io/ogl.
  2. Secondary – objectives slides
  3. source: https://pixabay.com/illustrations/guitarist-shaggy-rock-star-cartoon-2164356/
  4. Highlight to the learners that when setting up accounts you are often asked security questions so that if they forget their password they can be asked questions that will allow them to reset their password and gain access to the account. This data might also help cyber criminals guess your passwords or even perform identity theft. Image source: https://pixabay.com/illustrations/hack-hacker-elite-hacking-exploits-813290/
  5. Bank logo image source: https://pixabay.com/vectors/administration-banking-college-152960/
  6. Image source: https://pixabay.com/illustrations/phishing-fraud-cyber-security-3390518/