SlideShare a Scribd company logo

security problems. social.engineering.harmfull.2025.ppt

Download as PPT, PDF
H
halosidiq1

computer security, the protection of computer systems and information from harm, theft, and unauthorized use. Computer hardware is typically protected by the same means used to protect other valuable or sensitive equipment—namely, serial numbers, doors and locks, and alarms

Science
1 of 11
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
SECURITY AND SOCIAL SECURITY AND SOCIAL ENGINEERING ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say Something! 1
Objectives Understand the principles of social engineering Define the goals of social engineering Recognize the signs of social engineering Identify ways to protect yourself from social engineering Security is Everyone's Responsibility – See Something, Say Something! 2
What is Social Engineering 1. At its core it is manipulating a person into knowingly or unknowingly giving up information; essentially 'hacking' into a person to steal valuable information. • Psychological manipulation • Trickery or Deception for the purpose of information gathering Security is Everyone's Responsibility – See Something, Say Something! 3
What is Social Engineering 2. It is a way for criminals to gain access to information systems. The purpose of social engineering is usually to secretly install spyware, other malicious software or to trick persons into handing over passwords and/or other sensitive financial or personal information Security is Everyone's Responsibility – See Something, Say Something! 4
What is Social Engineering 3. Social engineering is one of the most effective routes to stealing confidential data from organizations, according to Siemens Enterprise Communications, based in Germany. In a recent Siemens test, 85 percent of office workers were duped by engineering. “Most employees are utterly unaware that they are being manipulated,” says Colin Greenlees, security and counter-fraud consultant at Siemens. Security is Everyone's Responsibility – See Something, Say Something! 5
What are they looking for • Obtaining simple information such as your pet's name, where you're from, the places you've visited; information that you'd give out freely to your friends. – Think of yourself as a walking computer, full of valuable information about yourself. You've got a name, address, and valuables. Now categorize those items like a business does. Personally identifiable data, financial information, cardholder data, health insurance data, credit reporting data, and so on… Security is Everyone's Responsibility – See Something, Say Something! 6
What are they looking for • Take a close look at some of the 'secure' sites you log into. Some have a 'secret question' you have to answer, if you cannot remember your username or password. The questions seem pretty tough for an outsider looking into trying to hack into your account. What's the name of your first pet? What is your maiden name? When was your mother/father born? Where were you born? Do these sound familiar? Security is Everyone's Responsibility – See Something, Say Something! 7
Tactics 1. Pretexting – Creating a fake scenario 2. Phishing – Send out bait to fool victims into giving away their information 3. Fake Websites – Molded to look like the real thing. Log in with real credentials that are now compromised 4. Fake Pop-up – Pops up in front of real web site to obtain user credentials Security is Everyone's Responsibility – See Something, Say Something! 8
Protecting Yourself A security aware culture can help employees identify and repel social engineering attacks  Recognize inappropriate requests for information  Take ownership for corporate security  Understand risk and impact of security breeches  Social engineering attacks are personal  Password management  Two factor authentication  Physical security  Understand what information you are putting on the Web for targeting at social network sites Google Twitter MySpace Facebook Personal Blogs LinkedIn Security is Everyone's Responsibility – See Something, Say Something! 9
Protecting Yourself 1. Network defenses to repel virus • Virus protection (McAfee, Norton, Symantec, etc…) • Email attachment scanning • Firewalls, etc… 2. Organizations must decide what information is sensitive 3. Security must be periodically tested 4. Contact your security office immediately if you have any concerns at work Security is Everyone's Responsibility – See Something, Say Something! 10
Security is Everyone's Responsibility – See Something, Say Something! 11

More Related Content

PPT
Ia 124 1621324160 ia_124_lecture_02
ITNet
 
PDF
What is social engineering.pdf
uzair
 
PDF
- Social Engineering Unit- II Part- I.pdf
Ramya Nellutla
 
PPTX
Social engineering
Alexander Zhuravlev
 
PDF
White Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
EMC
 
PDF
Customer information security awareness training
AbdalrhmanTHassan
 
PPT
Social Engineering threats and concern.ppt
asalahuddin317
 
PDF
National Life IT Department's Cyber Security Awareness Presentation
Jamie Proctor-Brassard
 
Ia 124 1621324160 ia_124_lecture_02
ITNet
 
What is social engineering.pdf
uzair
 
- Social Engineering Unit- II Part- I.pdf
Ramya Nellutla
 
Social engineering
Alexander Zhuravlev
 
White Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
EMC
 
Customer information security awareness training
AbdalrhmanTHassan
 
Social Engineering threats and concern.ppt
asalahuddin317
 
National Life IT Department's Cyber Security Awareness Presentation
Jamie Proctor-Brassard
 

Similar to security problems. social.engineering.harmfull.2025.ppt (20)

PDF
Social Engineering Basics
Luke Rusten
 
PDF
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
 
PPTX
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
BarakaMuyengi
 
PPT
DNR-Security-Awareness-Training expert.ppt
pdffree25
 
PPTX
Social engineering presentation
pooja_doshi
 
PDF
Introduction to information security
Harish Jangid
 
PPTX
TheCyberThreatAndYou2_deck.pptx
KevinRiley83
 
PDF
Social Engineering.pdf
MeshalALshammari12
 
PDF
Social engineering attacks
Ramiro Cid
 
PPT
Social Engineering | #ARMSec2015
Hovhannes Aghajanyan
 
PDF
Combating Phishing Attacks
Rapid7
 
PPT
3 Most Common Threats Of Information Security
Ana Meskovska
 
PPTX
Social engineering-Attack of the Human Behavior
James Krusic
 
PPTX
7 social engineering and insider threats
mohamad Hamizi
 
PPTX
Cyber Security Awareness
Innocent Korie
 
PDF
What Are Social Engineering Attacks .pdf
Sysvoot Antivirus
 
PDF
Airport IT&T 2013 John McCarthy
Russell Publishing
 
PPSX
Social Engineering - Are You Protecting Your Data Enough?
JamRivera1
 
PPTX
NENA 2017 Doxing and Social Engineering
Jack Kessler
 
PDF
Ethical Hacking and Cyber Security
Neeraj Negi
 
Social Engineering Basics
Luke Rusten
 
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
 
CYBER SECURITY AND CYBER CRIME COMPLETE GUIDE.pLptx
BarakaMuyengi
 
DNR-Security-Awareness-Training expert.ppt
pdffree25
 
Social engineering presentation
pooja_doshi
 
Introduction to information security
Harish Jangid
 
TheCyberThreatAndYou2_deck.pptx
KevinRiley83
 
Social Engineering.pdf
MeshalALshammari12
 
Social engineering attacks
Ramiro Cid
 
Social Engineering | #ARMSec2015
Hovhannes Aghajanyan
 
Combating Phishing Attacks
Rapid7
 
3 Most Common Threats Of Information Security
Ana Meskovska
 
Social engineering-Attack of the Human Behavior
James Krusic
 
7 social engineering and insider threats
mohamad Hamizi
 
Cyber Security Awareness
Innocent Korie
 
What Are Social Engineering Attacks .pdf
Sysvoot Antivirus
 
Airport IT&T 2013 John McCarthy
Russell Publishing
 
Social Engineering - Are You Protecting Your Data Enough?
JamRivera1
 
NENA 2017 Doxing and Social Engineering
Jack Kessler
 
Ethical Hacking and Cyber Security
Neeraj Negi
 
Ad

More from halosidiq1 (18)

PPT
fundamental of computer security.2024.ppt
halosidiq1
 
PPT
social.engineering.harmfull.computer security.2025.ppt
halosidiq1
 
PPT
fundamental of security.is there any security problems..2024.ppt
halosidiq1
 
PPT
networking point to point networking is the best .2024.ppt
halosidiq1
 
PPT
netwoking from the start networking is the best .ppt
halosidiq1
 
PPT
baisic.networking.2024 networking is the best.ppt
halosidiq1
 
PPT
my net security and its models which are explained here
halosidiq1
 
PPT
new.technique.column transposional CTi college.ppt
halosidiq1
 
PPT
row.coliumn,transitio,.Polyetchnical.colleage.ppt
halosidiq1
 
PPT
symet.crypto.hill.cipher.2023.ppt
halosidiq1
 
PPTX
CTI.Vigenir Cipher.pptx
halosidiq1
 
PPT
my lecture 21.network security.2023.ppt
halosidiq1
 
PPT
My Project on Cryptograpghy.2023.ppt
halosidiq1
 
PPTX
my.Light weight cryptography.2023.pptx
halosidiq1
 
PPT
MyCryptography.2023.ppt
halosidiq1
 
PPT
MyTutorialON Cryptography.ppt
halosidiq1
 
PPT
new.deadlock.ppt
halosidiq1
 
PPTX
CNF.Chap.5.pptx
halosidiq1
 
fundamental of computer security.2024.ppt
halosidiq1
 
social.engineering.harmfull.computer security.2025.ppt
halosidiq1
 
fundamental of security.is there any security problems..2024.ppt
halosidiq1
 
networking point to point networking is the best .2024.ppt
halosidiq1
 
netwoking from the start networking is the best .ppt
halosidiq1
 
baisic.networking.2024 networking is the best.ppt
halosidiq1
 
my net security and its models which are explained here
halosidiq1
 
new.technique.column transposional CTi college.ppt
halosidiq1
 
row.coliumn,transitio,.Polyetchnical.colleage.ppt
halosidiq1
 
symet.crypto.hill.cipher.2023.ppt
halosidiq1
 
CTI.Vigenir Cipher.pptx
halosidiq1
 
my lecture 21.network security.2023.ppt
halosidiq1
 
My Project on Cryptograpghy.2023.ppt
halosidiq1
 
my.Light weight cryptography.2023.pptx
halosidiq1
 
MyCryptography.2023.ppt
halosidiq1
 
MyTutorialON Cryptography.ppt
halosidiq1
 
new.deadlock.ppt
halosidiq1
 
CNF.Chap.5.pptx
halosidiq1
 
Ad

Recently uploaded (20)

PPT
THE CELL THEORY AND ITS FUNDAMENTALS AND USE
nctpcctv
 
PPTX
perinatal infections 2-171220190027.pptx
PoojithaPotnuru1
 
PDF
BET Eukaryotic signal Transduction BET Eukaryotic signal Transduction.pdf
enreddy1
 
PPTX
TORCH INFECTIONS in pregnancy with toxoplasma
sumansachdev98
 
PDF
The Land of Punt — A research by Dhani Irwanto
Dhani Irwanto
 
PPTX
Understanding the Circulatory System……..
Sibongokuhle1
 
PPTX
ap-psych-ch-1-introduction-to-psychology-presentation.pptx
sz664
 
PDF
Unit 5 Preparations, Reactions, Properties and Isomersim of Organic Compounds...
fliwertyfw154
 
PPT
LEC Synthetic Biology and its application.ppt
Hassan Yousaf
 
PDF
Placing the Near-Earth Object Impact Probability in Context
Sérgio Sacani
 
PDF
Warm, water-depleted rocky exoplanets with surfaceionic liquids: A proposed c...
Sérgio Sacani
 
PPTX
Introcution to Microbes Burton's Biology for the Health
fliwertyfw154
 
PPT
Presentation of a Romanian Institutee 2.
TeodoraRusu3
 
PPTX
Seminar Hypertension and Kidney diseases.pptx
johnsalaoudine
 
PPTX
Fluid dynamics vivavoce presentation of prakash
ssuser9878d0
 
PDF
Cosmic Outliers: Low-spin Halos Explain the Abundance, Compactness, and Redsh...
Sérgio Sacani
 
PPTX
A powerpoint on colorectal cancer with brief background
lilmiceman
 
PDF
CHAPTER 3 Cell Structures and Their Functions Lecture Outline.pdf
DaniseNobrera
 
PDF
Looking into the jet cone of the neutrino-associated very high-energy blazar ...
Sérgio Sacani
 
PPTX
Welcome-grrewfefweg-students-of-2024.pptx
rhyshryrochroyeras
 
THE CELL THEORY AND ITS FUNDAMENTALS AND USE
nctpcctv
 
perinatal infections 2-171220190027.pptx
PoojithaPotnuru1
 
BET Eukaryotic signal Transduction BET Eukaryotic signal Transduction.pdf
enreddy1
 
TORCH INFECTIONS in pregnancy with toxoplasma
sumansachdev98
 
The Land of Punt — A research by Dhani Irwanto
Dhani Irwanto
 
Understanding the Circulatory System……..
Sibongokuhle1
 
ap-psych-ch-1-introduction-to-psychology-presentation.pptx
sz664
 
Unit 5 Preparations, Reactions, Properties and Isomersim of Organic Compounds...
fliwertyfw154
 
LEC Synthetic Biology and its application.ppt
Hassan Yousaf
 
Placing the Near-Earth Object Impact Probability in Context
Sérgio Sacani
 
Warm, water-depleted rocky exoplanets with surfaceionic liquids: A proposed c...
Sérgio Sacani
 
Introcution to Microbes Burton's Biology for the Health
fliwertyfw154
 
Presentation of a Romanian Institutee 2.
TeodoraRusu3
 
Seminar Hypertension and Kidney diseases.pptx
johnsalaoudine
 
Fluid dynamics vivavoce presentation of prakash
ssuser9878d0
 
Cosmic Outliers: Low-spin Halos Explain the Abundance, Compactness, and Redsh...
Sérgio Sacani
 
A powerpoint on colorectal cancer with brief background
lilmiceman
 
CHAPTER 3 Cell Structures and Their Functions Lecture Outline.pdf
DaniseNobrera
 
Looking into the jet cone of the neutrino-associated very high-energy blazar ...
Sérgio Sacani
 
Welcome-grrewfefweg-students-of-2024.pptx
rhyshryrochroyeras
 

security problems. social.engineering.harmfull.2025.ppt

  • 1. SECURITY AND SOCIAL SECURITY AND SOCIAL ENGINEERING ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say Something! 1
  • 2. Objectives Understand the principles of social engineering Define the goals of social engineering Recognize the signs of social engineering Identify ways to protect yourself from social engineering Security is Everyone's Responsibility – See Something, Say Something! 2
  • 3. What is Social Engineering 1. At its core it is manipulating a person into knowingly or unknowingly giving up information; essentially 'hacking' into a person to steal valuable information. • Psychological manipulation • Trickery or Deception for the purpose of information gathering Security is Everyone's Responsibility – See Something, Say Something! 3
  • 4. What is Social Engineering 2. It is a way for criminals to gain access to information systems. The purpose of social engineering is usually to secretly install spyware, other malicious software or to trick persons into handing over passwords and/or other sensitive financial or personal information Security is Everyone's Responsibility – See Something, Say Something! 4
  • 5. What is Social Engineering 3. Social engineering is one of the most effective routes to stealing confidential data from organizations, according to Siemens Enterprise Communications, based in Germany. In a recent Siemens test, 85 percent of office workers were duped by engineering. “Most employees are utterly unaware that they are being manipulated,” says Colin Greenlees, security and counter-fraud consultant at Siemens. Security is Everyone's Responsibility – See Something, Say Something! 5
  • 6. What are they looking for • Obtaining simple information such as your pet's name, where you're from, the places you've visited; information that you'd give out freely to your friends. – Think of yourself as a walking computer, full of valuable information about yourself. You've got a name, address, and valuables. Now categorize those items like a business does. Personally identifiable data, financial information, cardholder data, health insurance data, credit reporting data, and so on… Security is Everyone's Responsibility – See Something, Say Something! 6
  • 7. What are they looking for • Take a close look at some of the 'secure' sites you log into. Some have a 'secret question' you have to answer, if you cannot remember your username or password. The questions seem pretty tough for an outsider looking into trying to hack into your account. What's the name of your first pet? What is your maiden name? When was your mother/father born? Where were you born? Do these sound familiar? Security is Everyone's Responsibility – See Something, Say Something! 7
  • 8. Tactics 1. Pretexting – Creating a fake scenario 2. Phishing – Send out bait to fool victims into giving away their information 3. Fake Websites – Molded to look like the real thing. Log in with real credentials that are now compromised 4. Fake Pop-up – Pops up in front of real web site to obtain user credentials Security is Everyone's Responsibility – See Something, Say Something! 8
  • 9. Protecting Yourself A security aware culture can help employees identify and repel social engineering attacks  Recognize inappropriate requests for information  Take ownership for corporate security  Understand risk and impact of security breeches  Social engineering attacks are personal  Password management  Two factor authentication  Physical security  Understand what information you are putting on the Web for targeting at social network sites Google Twitter MySpace Facebook Personal Blogs LinkedIn Security is Everyone's Responsibility – See Something, Say Something! 9
  • 10. Protecting Yourself 1. Network defenses to repel virus • Virus protection (McAfee, Norton, Symantec, etc…) • Email attachment scanning • Firewalls, etc… 2. Organizations must decide what information is sensitive 3. Security must be periodically tested 4. Contact your security office immediately if you have any concerns at work Security is Everyone's Responsibility – See Something, Say Something! 10
  • 11. Security is Everyone's Responsibility – See Something, Say Something! 11