SlideShare ist ein Scribd-Unternehmen logo

Social Engineering

Als PPTX, PDF herunterladen
n|u - The Open Security Community
n|u - The Open Security Community

Social Engineering by Shobhit Gautam @ null Mumbai Meet, September 2011

TechnologieBusiness
1 von 13
Social Engineering (Because there is no patch for human stupidity) By: Shobhit Gautam Twitter @sh0bhit105
What Is Social Engineering? The art of manipulating people and getting them to do what you want. “Social Engineering - A euphemism for non-technical or low-technology means - such as lies, impersonation, tricks, bribes, blackmail, and threat - used to attack information systems.” "Social engineering" as an act of psychological manipulation was popularized by hacker-turned-consultant Kevin Mitnick.
Common Types of Social Engineering Human-based Computer-based
Personality Traits Diffusion of responsibility Chance for ingratiation Trust relationship Moral duty Guilt Identification Desire to be Helpful Cooperation
Techniques for persuasion A Direct Route Systematic and logical statement A Peripheral Route Beat around the Bush Trigger strong emotions such as fear and excitement.
Human Based methods Impersonating Intimidation Creating confusion May I help you? Can you help me? Building Trust Ask and It shall be given unto you seek and ye shall find. Dumpster Diving
Computer Based Popup Windows Mail attachments Spam, Chain Letters and Hoaxes Phishing Websites USB devices Key loggers
Social Engineering Toolkit The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
./set
How to Identify A Social Engineer? Does not provide contact information Always asks for forbidden information Rushing Activities Name-dropping Intimidation Observe for Small mistakes
Mitigation Shredders Policies and Procedures Awareness Updated patches and Anti Viruses/Malwares
NOW

Empfohlen

Social engineering
Social engineering Social engineering
Social engineering Vîñàý Pãtêl
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorJames Krusic
 
Social engineering
Social engineering Social engineering
Social engineering Abdelhamid Limami
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityAkash Dhiman
 
Social engineering
Social engineeringSocial engineering
Social engineeringRobert Hood
 
Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human HackingPresentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hackingmsaksida
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 

Empfohlen

Social engineering
Social engineering Social engineering
Social engineering Vîñàý Pãtêl
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorJames Krusic
 
Social engineering
Social engineering Social engineering
Social engineering Abdelhamid Limami
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityAkash Dhiman
 
Social engineering
Social engineeringSocial engineering
Social engineeringRobert Hood
 
Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human HackingPresentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hackingmsaksida
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.Pratum
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeMuhammad Osama Khalid
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attackPankaj Dubey
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
Social engineering
Social engineeringSocial engineering
Social engineeringAlexander Zhuravlev
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Hacking
HackingHacking
Hackingj naga sai
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...ABHAY PATHAK
 
Social engineering
Social engineeringSocial engineering
Social engineeringMaulik Kotak
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security ritik shukla
 
Social engineering
Social engineeringSocial engineering
Social engineeringankushmohanty
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentationpooja_doshi
 
Cyber security
Cyber securityCyber security
Cyber securityManjushree Mashal
 
Cyber security 07
Cyber security 07Cyber security 07
Cyber security 07Habib Siddiqui
 
Cyber crime and Security
Cyber crime and SecurityCyber crime and Security
Cyber crime and SecurityGreater Noida Institute Of Technology
 
Hacking
HackingHacking
Hackingpranav patade
 
cyber security
cyber security cyber security
cyber security NiharikaVoleti
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 
Cognitive security: all the other things
Cognitive security: all the other thingsCognitive security: all the other things
Cognitive security: all the other thingsSara-Jayne Terp
 
Unlocking the Hidden Potential
Unlocking the Hidden PotentialUnlocking the Hidden Potential
Unlocking the Hidden PotentialEricaCiko
 

Weitere ähnliche Inhalte

Was ist angesagt?

What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.Pratum
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attackPankaj Dubey
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...ABHAY PATHAK
 
Social engineering
Social engineeringSocial engineering
Social engineeringMaulik Kotak
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security ritik shukla
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentationpooja_doshi
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 

Was ist angesagt? (20)

What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attack
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber security
Cyber securityCyber security
Cyber security
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber security
 
Hacking
HackingHacking
Hacking
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber security 07
Cyber security 07Cyber security 07
Cyber security 07
 
Cyber crime and Security
Cyber crime and SecurityCyber crime and Security
Cyber crime and Security
 
Hacking
HackingHacking
Hacking
 
cyber security
cyber security cyber security
cyber security
 
Social engineering
Social engineeringSocial engineering
Social engineering
 

Ähnlich wie Social Engineering

Cognitive security: all the other things
Cognitive security: all the other thingsCognitive security: all the other things
Cognitive security: all the other thingsSara-Jayne Terp
 
Unlocking the Hidden Potential
Unlocking the Hidden PotentialUnlocking the Hidden Potential
Unlocking the Hidden PotentialEricaCiko
 
Social Networks And Phishing
Social Networks And PhishingSocial Networks And Phishing
Social Networks And Phishingecarrow
 
Cyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docxCyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docxwhittemorelucilla
 
White Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
White Paper: Social Engineering and Cyber Attacks: The Psychology of DeceptionWhite Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
White Paper: Social Engineering and Cyber Attacks: The Psychology of DeceptionEMC
 
Sj terp emerging tech radar
Sj terp emerging tech radarSj terp emerging tech radar
Sj terp emerging tech radarSaraJayneTerp
 
Social Engineering by Riziq Ramadani
Social Engineering by Riziq RamadaniSocial Engineering by Riziq Ramadani
Social Engineering by Riziq RamadaniRiziqRamadani
 
The Patriot Act Title Vii Section 814 And 816
The Patriot Act Title Vii Section 814 And 816The Patriot Act Title Vii Section 814 And 816
The Patriot Act Title Vii Section 814 And 816Nicole Fields
 
Some Perspective on Hackers
Some Perspective on HackersSome Perspective on Hackers
Some Perspective on HackersRandi Lovelett
 
An Introduction to Maskirovka aka Information Operations
An Introduction to Maskirovka aka Information OperationsAn Introduction to Maskirovka aka Information Operations
An Introduction to Maskirovka aka Information OperationsHeather Vescent
 
The Future of Communication Artificial Intelligence and Social Networks.pdf
The Future of Communication Artificial Intelligence and Social Networks.pdfThe Future of Communication Artificial Intelligence and Social Networks.pdf
The Future of Communication Artificial Intelligence and Social Networks.pdfTina652927
 
20240414 QFM012 Irresponsible AI Reading List March 2024
20240414 QFM012 Irresponsible AI Reading List March 202420240414 QFM012 Irresponsible AI Reading List March 2024
20240414 QFM012 Irresponsible AI Reading List March 2024Matthew Sinclair
 
Cyber crimes its classifications and preventions
Cyber crimes its classifications and preventionsCyber crimes its classifications and preventions
Cyber crimes its classifications and preventionsMd. Baharul Islam
 
No plagiarism very importantNeed responses to my teamates discus.docx
No plagiarism very importantNeed responses to my teamates discus.docxNo plagiarism very importantNeed responses to my teamates discus.docx
No plagiarism very importantNeed responses to my teamates discus.docxhallettfaustina
 
ethical hacking tutorial a beginners guide.pptx
ethical hacking tutorial a beginners guide.pptxethical hacking tutorial a beginners guide.pptx
ethical hacking tutorial a beginners guide.pptxNarangYadav
 
Ethical hacking 2016
Ethical hacking 2016 Ethical hacking 2016
Ethical hacking 2016 arohan6
 

Ähnlich wie Social Engineering (20)

Cognitive security: all the other things
Cognitive security: all the other thingsCognitive security: all the other things
Cognitive security: all the other things
 
Unlocking the Hidden Potential
Unlocking the Hidden PotentialUnlocking the Hidden Potential
Unlocking the Hidden Potential
 
Social Networks And Phishing
Social Networks And PhishingSocial Networks And Phishing
Social Networks And Phishing
 
Cyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docxCyberterrorism can be in the form of Information attacks which a.docx
Cyberterrorism can be in the form of Information attacks which a.docx
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
White Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
White Paper: Social Engineering and Cyber Attacks: The Psychology of DeceptionWhite Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
White Paper: Social Engineering and Cyber Attacks: The Psychology of Deception
 
Sj terp emerging tech radar
Sj terp emerging tech radarSj terp emerging tech radar
Sj terp emerging tech radar
 
Social Engineering by Riziq Ramadani
Social Engineering by Riziq RamadaniSocial Engineering by Riziq Ramadani
Social Engineering by Riziq Ramadani
 
Social Engineering : To Err is Human...
Social Engineering : To Err is Human...Social Engineering : To Err is Human...
Social Engineering : To Err is Human...
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering Basics
 
The Patriot Act Title Vii Section 814 And 816
The Patriot Act Title Vii Section 814 And 816The Patriot Act Title Vii Section 814 And 816
The Patriot Act Title Vii Section 814 And 816
 
Some Perspective on Hackers
Some Perspective on HackersSome Perspective on Hackers
Some Perspective on Hackers
 
An Introduction to Maskirovka aka Information Operations
An Introduction to Maskirovka aka Information OperationsAn Introduction to Maskirovka aka Information Operations
An Introduction to Maskirovka aka Information Operations
 
The Future of Communication Artificial Intelligence and Social Networks.pdf
The Future of Communication Artificial Intelligence and Social Networks.pdfThe Future of Communication Artificial Intelligence and Social Networks.pdf
The Future of Communication Artificial Intelligence and Social Networks.pdf
 
20240414 QFM012 Irresponsible AI Reading List March 2024
20240414 QFM012 Irresponsible AI Reading List March 202420240414 QFM012 Irresponsible AI Reading List March 2024
20240414 QFM012 Irresponsible AI Reading List March 2024
 
AI and disinfo (1).pdf
AI and disinfo (1).pdfAI and disinfo (1).pdf
AI and disinfo (1).pdf
 
Cyber crimes its classifications and preventions
Cyber crimes its classifications and preventionsCyber crimes its classifications and preventions
Cyber crimes its classifications and preventions
 
No plagiarism very importantNeed responses to my teamates discus.docx
No plagiarism very importantNeed responses to my teamates discus.docxNo plagiarism very importantNeed responses to my teamates discus.docx
No plagiarism very importantNeed responses to my teamates discus.docx
 
ethical hacking tutorial a beginners guide.pptx
ethical hacking tutorial a beginners guide.pptxethical hacking tutorial a beginners guide.pptx
ethical hacking tutorial a beginners guide.pptx
 
Ethical hacking 2016
Ethical hacking 2016 Ethical hacking 2016
Ethical hacking 2016
 

Mehr von n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

Mehr von n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Kürzlich hochgeladen

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 

Kürzlich hochgeladen (20)

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 

Social Engineering

  • 1. Social Engineering (Because there is no patch for human stupidity) By: Shobhit Gautam Twitter @sh0bhit105
  • 2. What Is Social Engineering? The art of manipulating people and getting them to do what you want. “Social Engineering - A euphemism for non-technical or low-technology means - such as lies, impersonation, tricks, bribes, blackmail, and threat - used to attack information systems.” "Social engineering" as an act of psychological manipulation was popularized by hacker-turned-consultant Kevin Mitnick.
  • 3. Common Types of Social Engineering Human-based Computer-based
  • 4. Personality Traits Diffusion of responsibility Chance for ingratiation Trust relationship Moral duty Guilt Identification Desire to be Helpful Cooperation
  • 5. Techniques for persuasion A Direct Route Systematic and logical statement A Peripheral Route Beat around the Bush Trigger strong emotions such as fear and excitement.
  • 6. Human Based methods Impersonating Intimidation Creating confusion May I help you? Can you help me? Building Trust Ask and It shall be given unto you seek and ye shall find. Dumpster Diving
  • 7. Computer Based Popup Windows Mail attachments Spam, Chain Letters and Hoaxes Phishing Websites USB devices Key loggers
  • 8. Social Engineering Toolkit The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. SET was written by David Kennedy (ReL1K) and with a lot of help from the community it has incorporated attacks never before seen in an exploitation toolset. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
  • 9.
  • 10. ./set
  • 11. How to Identify A Social Engineer? Does not provide contact information Always asks for forbidden information Rushing Activities Name-dropping Intimidation Observe for Small mistakes
  • 12. Mitigation Shredders Policies and Procedures Awareness Updated patches and Anti Viruses/Malwares
  • 13. NOW