SlideShare una empresa de Scribd logo

Social engineering The Good and Bad

Descargar como PPTX, PDF
Tzar Umang
Tzar Umang

Understand Social Engineering on a new perspective, beyond the conventional understanding that we have, learn how we use it on social development and securing the weakest link in cybersecurity

Internet
1 de 15
Social Engineering The Good and Bad Tzar C. Umang Tzar Enterprises – 23o9.tech
Objective • Understand the principles of Social Engineering on both ends, the good and the bad • Define the goals of Social Engineering • Recognize the signs of Social Engineering • Social Media and Social Engineering • Identify ways how to sort out information to protect or comply responsibly
Social Engineering? • Definition 1 • A method by which people are manipulated, consciously or unconsciously to extract information, personal and valuable information for the following purposes: • Hacking into accounts • Identity Theft • Done with: • Psychological Manipulation • Trickery or Deception
Social Engineering? • Definition 2 • It is a way by criminals to lure victims to an infected item to secretly install spyware, trojans and malwares or to use a mock up login page to trick users to enter their username and password.
Social Engineering? • Definition 3 • It is the most effective way to steal confidential data from an unsuspecting victims. • According to Siemens Enterprise Communications, based in Germany. In a recent Siemens test, 85 percent of office workers were duped by engineering. “Most employees are utterly unaware that they are being manipulated,” says Colin Greenlees, security and counter-fraud consultant at Siemens.
Social Engineering? It is a method governed by several discipline such as psychology and mathematics to bring about shift on mindset or thinking of the target individual or population to bring about compliance based on goals and targets of the Social Engineer, whether it is good or bad… Good Bad Rapid Mind shift towards Social Change for the Better Inciting Rebellion Effective Compliance to Laws Data Leakage through irresponsible mind or thought shaping
Social Engineering and Security Challenges • What are they up to? • Valuable Information • Identity • Profiling Data • Compliance • Manipulation
Social Engineering and Security • Information Theft • Obtaining simple information such as your pet's name, birthday, where you're from, the places you've visited; information that you'd give out freely to your friends. • Think of yourself as a walking computer, full of valuable information about yourself. You've got a name, address, and valuables. Now categorize those items like a business does. Personally identifiable data, financial information, cardholder data, health insurance data, credit reporting data, and so on…
Social Engineering and Security • Where do you use the information? • Answers to secret questions… What's the name of your first pet? What is your maiden name? When was your mother/father born? Where were you born? When are you born?
Social Engineering and Security • Common strategies that are used:  Pretexting – Creating a fake scenario “Mr. Zimbabwe”  Phishing and Fake Websites – Send out bait to fool victims into giving away their information using a site that looks like the real thing. Log in with real credentials that are now compromised “FB Fake Login Page”  –Fake Pop-up – Pops up in front of real web site to obtain user credentials “Special Offer”
Social Engineering and Security • Large Scale Mind Shift Operation • FB Emotion Targeting Experiment • Negative post are increased that affected users emotions and pushed them to post more negative stuff • “Million People March” • A viral phenomenon where the citizenry’s flared up emotions are used to bring them to gather around Rizal Park last 2011, organizers used social engineering to effectively invite people • Smarter Philippines Rapid Mind Shift Framework • Highly based on social engineering principles to rapidly shift the mindset of the target social group to enhance productivity and compliance
Protection? • To protect yourself from the bad side of Social Engineering you should:  Recognize inappropriate requests for information  Take ownership for corporate security  Understand risk and impact of security breeches  Social engineering attacks are personal  Password management  Two factor authentication  Physical security  Understand what information you are putting on the Web for targeting at social network sites
Making it Effective? • How to make if effective if you are geared towards the good side of Social Engineering? • Know the target, weaknesses and strengths • Work on the need • Localize • Rapid IEC • Real Results
Thankyou for listening!!! TzarC. Umang tzarumang@gmail.com

Recomendados

Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human HackingPresentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hacking
msaksida
 
Social engineering
Social engineering Social engineering
Social engineering
Abdelhamid Limami
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionage
Marin Ivezic
 
Social engineering
Social engineeringSocial engineering
Social engineering
Alexander Zhuravlev
 
Social engineering
Social engineeringSocial engineering
Social engineering
Robert Hood
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...
ABHAY PATHAK
 
Social engineering
Social engineering Social engineering
Social engineering
Vîñàý Pãtêl
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkInsiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
 

Recomendados

Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human HackingPresentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hacking
msaksida
 
Social engineering
Social engineering Social engineering
Social engineering
Abdelhamid Limami
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionage
Marin Ivezic
 
Social engineering
Social engineeringSocial engineering
Social engineering
Alexander Zhuravlev
 
Social engineering
Social engineeringSocial engineering
Social engineering
Robert Hood
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...
ABHAY PATHAK
 
Social engineering
Social engineering Social engineering
Social engineering
Vîñàý Pãtêl
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest LinkInsiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
 
Social Engineering and What to do About it
Social Engineering and What to do About itSocial Engineering and What to do About it
Social Engineering and What to do About it
Aleksandr Yampolskiy
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human Behavior
James Krusic
 
Social Engineering Techniques
Social Engineering TechniquesSocial Engineering Techniques
Social Engineering Techniques
Neelu Tripathy
 
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking FrameworkSocial engineering: A Human Hacking Framework
Social engineering: A Human Hacking Framework
Jahangirnagar University
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attack
Pankaj Dubey
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
Paul Devassy, CPP
 
Social engineering
Social engineeringSocial engineering
Social engineering
Vishal Kumar
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
Evan Francen
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
pooja_doshi
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
Cyber Agency
 
Social engineering
Social engineeringSocial engineering
Social engineering
ankushmohanty
 
Social engineering tales
Social engineering tales Social engineering tales
Social engineering tales
Ahmed Musaad
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering Basics
Luke Rusten
 
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?
JamRivera1
 
Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015
Hovhannes Aghajanyan
 
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"
abercius24
 
Social engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekarSocial engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekar
Raghunath G
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
William Gregorian
 
social engineering
social engineering social engineering
social engineering
Ravi Patel
 
Social engineering
Social engineeringSocial engineering
Social engineering
Maulik Kotak
 
Social Engineering.pdf
Social Engineering.pdfSocial Engineering.pdf
Social Engineering.pdf
MeshalALshammari12
 
NENA 2017 Doxing and Social Engineering
NENA 2017 Doxing and Social EngineeringNENA 2017 Doxing and Social Engineering
NENA 2017 Doxing and Social Engineering
Jack Kessler
 

Más contenido relacionado

La actualidad más candente

Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
pooja_doshi
 
Social engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekarSocial engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekar
Raghunath G
 

La actualidad más candente (20)

Social Engineering and What to do About it
Social Engineering and What to do About itSocial Engineering and What to do About it
Social Engineering and What to do About it
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human Behavior
 
Social Engineering Techniques
Social Engineering TechniquesSocial Engineering Techniques
Social Engineering Techniques
 
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking FrameworkSocial engineering: A Human Hacking Framework
Social engineering: A Human Hacking Framework
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attack
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
Social engineering tales
Social engineering tales Social engineering tales
Social engineering tales
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering Basics
 
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?
 
Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015
 
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"
 
Social engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekarSocial engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekar
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
social engineering
social engineering social engineering
social engineering
 
Social engineering
Social engineeringSocial engineering
Social engineering
 

Similar a Social engineering The Good and Bad

Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptx
ZakiAhmed70
 
Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...
Justin Denton
 

Similar a Social engineering The Good and Bad (20)

Social Engineering.pdf
Social Engineering.pdfSocial Engineering.pdf
Social Engineering.pdf
 
NENA 2017 Doxing and Social Engineering
NENA 2017 Doxing and Social EngineeringNENA 2017 Doxing and Social Engineering
NENA 2017 Doxing and Social Engineering
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.
 
Cybersecurity for Emergency Managers
Cybersecurity for Emergency ManagersCybersecurity for Emergency Managers
Cybersecurity for Emergency Managers
 
Webinar cybersecurity presentation-6-2018 (final)
Webinar cybersecurity presentation-6-2018 (final)Webinar cybersecurity presentation-6-2018 (final)
Webinar cybersecurity presentation-6-2018 (final)
 
- Social Engineering Unit- II Part- I.pdf
- Social Engineering Unit- II Part- I.pdf- Social Engineering Unit- II Part- I.pdf
- Social Engineering Unit- II Part- I.pdf
 
Social Engineering, or hacking people
Social Engineering, or hacking peopleSocial Engineering, or hacking people
Social Engineering, or hacking people
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
 
Social Engineering - By Chris Hills
Social Engineering - By Chris HillsSocial Engineering - By Chris Hills
Social Engineering - By Chris Hills
 
Counterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptxCounterintelligence & The Insider Threat January 2019 (1).pptx
Counterintelligence & The Insider Threat January 2019 (1).pptx
 
Investigating & proving cybercrime
Investigating & proving cybercrimeInvestigating & proving cybercrime
Investigating & proving cybercrime
 
Protecting Client Data 11.09.11
Protecting Client Data 11.09.11Protecting Client Data 11.09.11
Protecting Client Data 11.09.11
 
Reconnaissance and Social Engineering
Reconnaissance and Social EngineeringReconnaissance and Social Engineering
Reconnaissance and Social Engineering
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Conference about Social Engineering (by Wh0s)
Conference about Social Engineering (by Wh0s)Conference about Social Engineering (by Wh0s)
Conference about Social Engineering (by Wh0s)
 
Data Privacy
Data PrivacyData Privacy
Data Privacy
 
Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...Creating a digital toolkit for users: How to teach our users how to limit the...
Creating a digital toolkit for users: How to teach our users how to limit the...
 
Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015Cybersecurity Seminar March 2015
Cybersecurity Seminar March 2015
 
Hacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterHacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR Chapter
 

Más de Tzar Umang

Más de Tzar Umang (15)

Tzar-Resume-2018.pdf
Tzar-Resume-2018.pdfTzar-Resume-2018.pdf
Tzar-Resume-2018.pdf
 
Cloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-wareCloud security From Infrastructure to People-ware
Cloud security From Infrastructure to People-ware
 
A Different Perspective on Business with Social Data
A Different Perspective on Business with Social DataA Different Perspective on Business with Social Data
A Different Perspective on Business with Social Data
 
Introduction to Tensorflow
Introduction to TensorflowIntroduction to Tensorflow
Introduction to Tensorflow
 
Kanban
KanbanKanban
Kanban
 
Social Media Analytics for the 3rd and Final Presidential Debate
Social Media Analytics for the 3rd and Final Presidential DebateSocial Media Analytics for the 3rd and Final Presidential Debate
Social Media Analytics for the 3rd and Final Presidential Debate
 
From Sensing to Decision
From Sensing to DecisionFrom Sensing to Decision
From Sensing to Decision
 
Smart Cities
Smart CitiesSmart Cities
Smart Cities
 
Introduction to Go language
Introduction to Go languageIntroduction to Go language
Introduction to Go language
 
Smart ICT Lingayen Presentation
Smart ICT Lingayen PresentationSmart ICT Lingayen Presentation
Smart ICT Lingayen Presentation
 
Formal Concept Analysis
Formal Concept AnalysisFormal Concept Analysis
Formal Concept Analysis
 
Smart ICT extended
Smart ICT extendedSmart ICT extended
Smart ICT extended
 
Cloud computing Disambiguation using Kite Model
Cloud computing Disambiguation using Kite ModelCloud computing Disambiguation using Kite Model
Cloud computing Disambiguation using Kite Model
 
Scrum
ScrumScrum
Scrum
 
Business intelligence for SMEs with Data Analytics
Business intelligence for SMEs with Data AnalyticsBusiness intelligence for SMEs with Data Analytics
Business intelligence for SMEs with Data Analytics
 

Último

一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
F
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Monica Sydney
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
JOHNBEBONYAP1
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
ydyuyu
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Monica Sydney
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Monica Sydney
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
Monica Sydney
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
F
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
kumargunjan9515
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
ydyuyu
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
gajnagarg
 

Último (20)

一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理一比一原版奥兹学院毕业证如何办理
一比一原版奥兹学院毕业证如何办理
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girlsRussian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
Russian Call girls in Abu Dhabi 0508644382 Abu Dhabi Call girls
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
Call girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girlsCall girls Service in Ajman 0505086370 Ajman call girls
Call girls Service in Ajman 0505086370 Ajman call girls
 
一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理一比一原版田纳西大学毕业证如何办理
一比一原版田纳西大学毕业证如何办理
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 

Social engineering The Good and Bad

  • 1. Social Engineering The Good and Bad Tzar C. Umang Tzar Enterprises – 23o9.tech
  • 2. Objective • Understand the principles of Social Engineering on both ends, the good and the bad • Define the goals of Social Engineering • Recognize the signs of Social Engineering • Social Media and Social Engineering • Identify ways how to sort out information to protect or comply responsibly
  • 3. Social Engineering? • Definition 1 • A method by which people are manipulated, consciously or unconsciously to extract information, personal and valuable information for the following purposes: • Hacking into accounts • Identity Theft • Done with: • Psychological Manipulation • Trickery or Deception
  • 4. Social Engineering? • Definition 2 • It is a way by criminals to lure victims to an infected item to secretly install spyware, trojans and malwares or to use a mock up login page to trick users to enter their username and password.
  • 5. Social Engineering? • Definition 3 • It is the most effective way to steal confidential data from an unsuspecting victims. • According to Siemens Enterprise Communications, based in Germany. In a recent Siemens test, 85 percent of office workers were duped by engineering. “Most employees are utterly unaware that they are being manipulated,” says Colin Greenlees, security and counter-fraud consultant at Siemens.
  • 6. Social Engineering? It is a method governed by several discipline such as psychology and mathematics to bring about shift on mindset or thinking of the target individual or population to bring about compliance based on goals and targets of the Social Engineer, whether it is good or bad… Good Bad Rapid Mind shift towards Social Change for the Better Inciting Rebellion Effective Compliance to Laws Data Leakage through irresponsible mind or thought shaping
  • 7. Social Engineering and Security Challenges • What are they up to? • Valuable Information • Identity • Profiling Data • Compliance • Manipulation
  • 8. Social Engineering and Security • Information Theft • Obtaining simple information such as your pet's name, birthday, where you're from, the places you've visited; information that you'd give out freely to your friends. • Think of yourself as a walking computer, full of valuable information about yourself. You've got a name, address, and valuables. Now categorize those items like a business does. Personally identifiable data, financial information, cardholder data, health insurance data, credit reporting data, and so on…
  • 9. Social Engineering and Security • Where do you use the information? • Answers to secret questions… What's the name of your first pet? What is your maiden name? When was your mother/father born? Where were you born? When are you born?
  • 10. Social Engineering and Security • Common strategies that are used:  Pretexting – Creating a fake scenario “Mr. Zimbabwe”  Phishing and Fake Websites – Send out bait to fool victims into giving away their information using a site that looks like the real thing. Log in with real credentials that are now compromised “FB Fake Login Page”  –Fake Pop-up – Pops up in front of real web site to obtain user credentials “Special Offer”
  • 11.
  • 12. Social Engineering and Security • Large Scale Mind Shift Operation • FB Emotion Targeting Experiment • Negative post are increased that affected users emotions and pushed them to post more negative stuff • “Million People March” • A viral phenomenon where the citizenry’s flared up emotions are used to bring them to gather around Rizal Park last 2011, organizers used social engineering to effectively invite people • Smarter Philippines Rapid Mind Shift Framework • Highly based on social engineering principles to rapidly shift the mindset of the target social group to enhance productivity and compliance
  • 13. Protection? • To protect yourself from the bad side of Social Engineering you should:  Recognize inappropriate requests for information  Take ownership for corporate security  Understand risk and impact of security breeches  Social engineering attacks are personal  Password management  Two factor authentication  Physical security  Understand what information you are putting on the Web for targeting at social network sites
  • 14. Making it Effective? • How to make if effective if you are geared towards the good side of Social Engineering? • Know the target, weaknesses and strengths • Work on the need • Localize • Rapid IEC • Real Results