Want to create interactive content? It’s easy in Genially!

Get started free

SOCIAL ENGINEERS

ceylanahsen

Created on February 8, 2021

Start designing with a free template

Discover more than 1500 professional designs like these:

Smart Presentation

Practical Presentation

Essential Presentation

Akihabara Presentation

Pastel Color Presentation

Colorful Presentation

Modular Structure Presentation

Explore all templates

Transcript

Team 1

SOCIAL ENGINEERS

Index

Social Engineering From A to Z

What is role playing?

Our script

What is Social Engineering?

Golden rules to protect our selves

What are trojan horse and worms?

Who are the target people?

What is reverse social engineering?

What is shoulder surfing?

Examples of Social Engineering Attacks

What is dumpster diving?

WHAT IS SOCIAL ENGINEERING?

Social engineering is the act of tricking someone into divulging information or taking action, usually through technology. The idea behind social engineering is to take advantage of a potential victim's natural tendencies and emotional reactions.

TARGET PEOPLE ON SOCIAL ENGINEERING ATTACKS:

a) People easy-to-reach and directly contact customers due to their work b) Senior executives and key staff who has confidential duty c) Staff who has weaknesses, suitable to be deceived and persuaded d) Friendly staff willing to be helpful e) Staff or construction in need of support f) Low loyalty staff - especially low-level employees who are difficult to grasp the organization's policies

TYPES OF SOCIAL ENGINEERING ATTACKS

SHOULDER SURFING

When we investigate shoulder surfing, we come across explanations such as "Tracking attacks while typing passwords or accessing restricted systems".Shoulder surfing is an application that involves observing an individual and collecting information without the knowledge or consent of the observed person. The meaning of this process is to look on someone else's shoulder to find out what someone is doing. In most cases, shoulder surfing refers to an activity associated with learning certain information that the observer can use for his or her own benefit.

DUMPSTER DIVING

Dumpster diving is looking for treasure in someone else's trash. (A dumpster is a large trash container.) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn't limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network.

ROLE PLAYING

In this method, the person introduces himself as an authorized person (prosecutor, police, etc.) and tries to reach your account by treating you in good faith. On the phone A social engineer might call and pretend to be a fellow employee or a trusted outside authority (such as law enforcement or an auditor).

+ info

PHISHING ATTACKS

Phishing attackers pretend to be a trusted institution or individual in an attempt to persuade you to expose personal data and other valuables. Whether it’s a direct communication or via a fake website form, anything you share goes directly into a scammer’s pocket. You may even be fooled into a malware download containing the next stage of the phishing attack.

PHISHING ATTACKS

Phishing sites can be prepared for different reasons; Password stealing Remote code stealing Creating a Slave (Zombie) computerMethods used in phishing Voice phishing phone calls SMS phishing Email phishing Angler phishing on social media Search engine phishing URL phishing In-session phishing web browsing ,pop-ups Fax- based phishing

Trojan Horse: A type of malware disguised as legitimate software that claims a malicious program is useful. This software is often used by cybercriminals trying to break into users' systems. Worms: A type of malware that replicates itself and spreads to other computers. This process happens automatically

REVERSE SOCIAL ENGINEERING

A reverse social engineering attack is a person-to-person attack in which an attacker convinces the target that he or she has a problem or might have a certain problem in the future and that he, the attacker, is ready to help solve the problem.

EXAMPLES OF SOCIAL ENGINEERING ATTACKS

EXAMPLES OF SOCIAL ENGINEERING ATTACKS

EXAMPLES OF SOCIAL ENGINEERING ATTACKS

EXAMPLES OF SOCIAL ENGINEERING ATTACKS

OUR SCRIPT

Here are some sites and scan results

Hey you!!!You are really lucky today. Do you want to benefit from special gifts for Valentine's Day? You can join the lottery by clicking the link below. There are gifts for everyone in this lottery. But if you think the link is malware, you can take a look at these scan results.

7 GOLDEN RULES!!!!

HOW TO PROTECT OURSELVES

SEVEN GOLDEN RULES

STRUGGLING WITH FAKE NEWS AND UNCONFIRMED INFORMATION

1.RULE

3.RULE

2.RULE

RESEARCH

ATTENTION!!!

RELIABLE SOURCE

Access the information from official sources' descriptions via official websites.

Make sure that the creation date of the news is up to date !!

Search the source of the news

4.RULE

6.RULE

5.RULE

QUESTIONING

SUPPORT

VERIFICATION

Get support from news verification platforms to verify the news

Verify information from different sources and do not rely on unverified information

Read and question the news content from an objective perspective

7.RULE

SHARING

Do not post any suspicious or unconfirmed information without any source. Think twice before you share.

Thanks for your attention!