SlideShare a Scribd company logo

Social engineering by-rakesh-nagekar

R
Raghunath G

Social engineering is manipulating people into taking actions or revealing confidential information. It has been used for over 100 years by con artists known as social engineers. Popular social engineers from the 20th century included Victor Lustig, who sold the Eiffel Tower multiple times, and Frank Abagnale Jr., who impersonated professionals like pilots and lawyers. More recently, Kevin Mitnick used social engineering to gain unauthorized access to computer networks in the 1990s. Social engineering works by gathering information about targets, developing trust with them, then exploiting that trust to obtain information or actions. It is accomplished using techniques like phone calls, online chatting, looking through trash, and shoulder surfing. Organizations can help prevent social engineering by establishing frameworks for

TechnologyBusiness
1 of 25
Download to read offline
What is Social Engineering “The act of manipulating people into performing actions or divulging confidential information..” Wikipedia (also sourced on social-engineer.org)
Origin of “Social Engineering”  Social Engineering this word came in the year of 1894 by a Dutch guy.  Social Engineering is there 100 years ago also.  The person who do Social Engineering we call as Conn Artists
Some Popular Conn Artists in 20th Century
Victor Lustig  The person who sold the Eiffel Tower number of times.  Used current events.  He made a deal with Scrap Dealers, selling the structure to them for $40,000.  An extremely good deal for buyers – too good to be true
Hotel Ritz
Social Engineering 40-50 years ago
Frank Abagnale Jr
Frank Abagnale Jr  Fake pilot arrested in cockpit.  He acted as a Lawyer, Doctor and pilot.  Abagnale‟s cons were often check frauds.  Did it will work today ?
Social Engineering in 20th Century
Kevin Mitnick  20 years ago person named “Kevin Mitnick” brought social engineering in IT security.  He is an American Security Consultant, author, convicted criminal and Hacker.  According to US department of justice, Kevin gained unauthorized access to dozens of computer networks.
Weakest Link  People are the largest vulnerabilities in any network  Social engineering is based on decision making of human being
Motivation  There are variety of motivations exists which includes,  Financial Gain  Self-Interest  Revenge  External Pressure
Cycle of Events  It consists of 4 phases  Information Gathering  Developing Relationship  Execution  Exploitation
Information Gathering “If you know the enemy and know yourself you need not fear the results of a hundred battles” -Sun Tzu
Cycle of Events  Information Gathering  A Variety of techniques can be used by an aggressor to gather information about the target(s). Once gathered, this information can then be used to build a relationship with either the target or someone important to the success of the attack.  Developing Relationship  An aggressor may freely exploit the willingness of a target to be trusting in order to develop rapport with them. While developing this relationship, the aggressor will position himself into a position of trust which he will then exploit
Cycle of Events  Exploitation  The target may then be manipulated by the „trusted‟ aggressor to reveal information (e.g. passwords) or perform an action (e.g. creating an account or reversing telephone charges) that would not normally occur. This action could be the end of the attack or the beginning of the next stage.  Execution  Once the target has completed the task requested by the aggressor, the cycle is complete.
How Social Engineering is accomplished  Telephone  Online  Dumpster Diving  Shoulder Surfing  Reverse Social Engineering  Persuasion
How Social Engineering is accomplished  Telephone  Using telephones to contact individuals of a company to persuade them to divulge in confidential information.  Online  Persuading or gathering information through the use of an online chat.  Dumpster Diving  Looking for information discarded by a company employees.
How Social Engineering is accomplished  Shoulder Surfing  Simply looking over someone‟s shoulder while they are using a computer.  Reverse Social Engineering  This is a more advanced method of social engineering and is almost always successful.  Persuasion  Persuading someone to give your confidential information either by convincing them you are someone who can be trusted.
Biases  Biases are nothing but the deviations from a standard of rationality or good judgments.  There are many types of biasing, but these five are important ones:  Pretexting  Phishing  IVR or Phone Phishing  Baiting  Tailgating
Preventive Measures  Organizations must, on an employee/personnel level, establish frameworks of trust. (i.e., When/Where/Why/How should sensitive information be handled?)  Organizations must identify which information is sensitive and question its integrity in all forms. (i.e., Social Engineering, Building Security, Computer Security, etc.)  Organizations must establish security protocols for the people who handle sensitive information. (i.e., Paper-Trails for information disclosure and/or forensic crumbs)
Social engineering by-rakesh-nagekar
Social engineering by-rakesh-nagekar

Recommended

Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Hovhannes Aghajanyan
 
Social engineering
Social engineeringSocial engineering
Social engineeringMaulik Kotak
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering BasicsLuke Rusten
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorJames Krusic
 
Social engineering
Social engineeringSocial engineering
Social engineeringankushmohanty
 
Social engineering
Social engineeringSocial engineering
Social engineeringRobert Hood
 
Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human HackingPresentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hackingmsaksida
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attackPankaj Dubey
 

Recommended

Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Hovhannes Aghajanyan
 
Social engineering
Social engineeringSocial engineering
Social engineeringMaulik Kotak
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering BasicsLuke Rusten
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorJames Krusic
 
Social engineering
Social engineeringSocial engineering
Social engineeringankushmohanty
 
Social engineering
Social engineeringSocial engineering
Social engineeringRobert Hood
 
Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human HackingPresentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hackingmsaksida
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attackPankaj Dubey
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentationpooja_doshi
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...ABHAY PATHAK
 
Social engineering
Social engineering Social engineering
Social engineering Vîñàý Pãtêl
 
Social engineering
Social engineeringSocial engineering
Social engineeringAlexander Zhuravlev
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageMarin Ivezic
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineeringn|u - The Open Security Community
 
Social engineering
Social engineering Social engineering
Social engineering Abdelhamid Limami
 
Social Engineering new.pptx
Social Engineering new.pptxSocial Engineering new.pptx
Social Engineering new.pptxSanthosh Prabhu
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 
social engineering
social engineering social engineering
social engineeringRavi Patel
 
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?JamRivera1
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineeringprimeteacher32
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.Pratum
 
Network Security
Network Security Network Security
Network Security Abdul Qadir Pattal
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Anti phishing presentation
Anti phishing presentationAnti phishing presentation
Anti phishing presentationBokangMalunga
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessArjith K Raj
 
Social Engineering
Social EngineeringSocial Engineering
Social EngineeringPaul Devassy, CPP
 
Oig 14 19-dec13 report on eb5 program
Oig 14 19-dec13 report on eb5 programOig 14 19-dec13 report on eb5 program
Oig 14 19-dec13 report on eb5 programJames Lavigne
 
Pengenalan Pillow Lava di Berbah,Sleman,Yogyakarta
Pengenalan Pillow Lava di Berbah,Sleman,YogyakartaPengenalan Pillow Lava di Berbah,Sleman,Yogyakarta
Pengenalan Pillow Lava di Berbah,Sleman,YogyakartaNicholas Vincento
 

More Related Content

What's hot

Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentationpooja_doshi
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...ABHAY PATHAK
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageMarin Ivezic
 
Social Engineering new.pptx
Social Engineering new.pptxSocial Engineering new.pptx
Social Engineering new.pptxSanthosh Prabhu
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 
social engineering
social engineering social engineering
social engineeringRavi Patel
 
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?JamRivera1
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.Pratum
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security AwarenessRamiro Cid
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
Anti phishing presentation
Anti phishing presentationAnti phishing presentation
Anti phishing presentationBokangMalunga
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacksRamiro Cid
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessArjith K Raj
 

What's hot (20)

Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...
 
Social engineering
Social engineering Social engineering
Social engineering
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionage
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
Social engineering
Social engineering Social engineering
Social engineering
 
Social Engineering new.pptx
Social Engineering new.pptxSocial Engineering new.pptx
Social Engineering new.pptx
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
social engineering
social engineering social engineering
social engineering
 
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.
 
Network Security
Network Security Network Security
Network Security
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscape
 
Anti phishing presentation
Anti phishing presentationAnti phishing presentation
Anti phishing presentation
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacks
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 

Viewers also liked

Oig 14 19-dec13 report on eb5 program
Oig 14 19-dec13 report on eb5 programOig 14 19-dec13 report on eb5 program
Oig 14 19-dec13 report on eb5 programJames Lavigne
 
Pengenalan Pillow Lava di Berbah,Sleman,Yogyakarta
Pengenalan Pillow Lava di Berbah,Sleman,YogyakartaPengenalan Pillow Lava di Berbah,Sleman,Yogyakarta
Pengenalan Pillow Lava di Berbah,Sleman,YogyakartaNicholas Vincento
 
Investor alert—investment scams exploit immigrant investor program
Investor alert—investment scams exploit immigrant investor programInvestor alert—investment scams exploit immigrant investor program
Investor alert—investment scams exploit immigrant investor programJames Lavigne
 
Securitynewsbytes april2015-150418153901-conversion-gate01
Securitynewsbytes april2015-150418153901-conversion-gate01Securitynewsbytes april2015-150418153901-conversion-gate01
Securitynewsbytes april2015-150418153901-conversion-gate01Raghunath G
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthanRaghunath G
 
Nomadic Display Instand Instructions
Nomadic Display Instand InstructionsNomadic Display Instand Instructions
Nomadic Display Instand InstructionsNomadic Display
 
Heartbleed by-danish amber
Heartbleed by-danish amberHeartbleed by-danish amber
Heartbleed by-danish amberRaghunath G
 
CSM Storage Debugging
CSM Storage DebuggingCSM Storage Debugging
CSM Storage DebuggingzOSCommserver
 
88001174636 Marvella city in haridwar
88001174636 Marvella city in haridwar 88001174636 Marvella city in haridwar
88001174636 Marvella city in haridwar Marvella city
 
So you want to retire in florida 1997 far
So you want to retire in florida 1997 farSo you want to retire in florida 1997 far
So you want to retire in florida 1997 farJames Lavigne
 
Marvella city a complete township in haridwar
Marvella city a complete township in haridwarMarvella city a complete township in haridwar
Marvella city a complete township in haridwarMarvella city
 
The Art of Social Media: Tips & Tricks
The Art of Social Media: Tips & TricksThe Art of Social Media: Tips & Tricks
The Art of Social Media: Tips & Trickssteffan
 
Nomadic Display Set Up HangTen
Nomadic Display Set Up HangTenNomadic Display Set Up HangTen
Nomadic Display Set Up HangTenNomadic Display
 
Buying a business in florida
Buying a business in floridaBuying a business in florida
Buying a business in floridaJames Lavigne
 
Example problems Binomial Multiplication
Example problems Binomial MultiplicationExample problems Binomial Multiplication
Example problems Binomial MultiplicationRachel Monaco
 
Uga Webinar Series: building credibility as a young professional
Uga Webinar Series: building credibility as a young professionalUga Webinar Series: building credibility as a young professional
Uga Webinar Series: building credibility as a young professionalsteffan
 
World Cup! Young Germany Guest Blogging
World Cup! Young Germany Guest BloggingWorld Cup! Young Germany Guest Blogging
World Cup! Young Germany Guest Bloggingsteffan
 

Viewers also liked (20)

Oig 14 19-dec13 report on eb5 program
Oig 14 19-dec13 report on eb5 programOig 14 19-dec13 report on eb5 program
Oig 14 19-dec13 report on eb5 program
 
Pengenalan Pillow Lava di Berbah,Sleman,Yogyakarta
Pengenalan Pillow Lava di Berbah,Sleman,YogyakartaPengenalan Pillow Lava di Berbah,Sleman,Yogyakarta
Pengenalan Pillow Lava di Berbah,Sleman,Yogyakarta
 
Investor alert—investment scams exploit immigrant investor program
Investor alert—investment scams exploit immigrant investor programInvestor alert—investment scams exploit immigrant investor program
Investor alert—investment scams exploit immigrant investor program
 
Securitynewsbytes april2015-150418153901-conversion-gate01
Securitynewsbytes april2015-150418153901-conversion-gate01Securitynewsbytes april2015-150418153901-conversion-gate01
Securitynewsbytes april2015-150418153901-conversion-gate01
 
Xss 101 by-sai-shanthan
Xss 101 by-sai-shanthanXss 101 by-sai-shanthan
Xss 101 by-sai-shanthan
 
Nomadic Display Instand Instructions
Nomadic Display Instand InstructionsNomadic Display Instand Instructions
Nomadic Display Instand Instructions
 
Lockout
LockoutLockout
Lockout
 
Example problems
Example problemsExample problems
Example problems
 
Heartbleed by-danish amber
Heartbleed by-danish amberHeartbleed by-danish amber
Heartbleed by-danish amber
 
CSM Storage Debugging
CSM Storage DebuggingCSM Storage Debugging
CSM Storage Debugging
 
88001174636 Marvella city in haridwar
88001174636 Marvella city in haridwar 88001174636 Marvella city in haridwar
88001174636 Marvella city in haridwar
 
So you want to retire in florida 1997 far
So you want to retire in florida 1997 farSo you want to retire in florida 1997 far
So you want to retire in florida 1997 far
 
Marvella city a complete township in haridwar
Marvella city a complete township in haridwarMarvella city a complete township in haridwar
Marvella city a complete township in haridwar
 
The Art of Social Media: Tips & Tricks
The Art of Social Media: Tips & TricksThe Art of Social Media: Tips & Tricks
The Art of Social Media: Tips & Tricks
 
Nomadic Display Set Up HangTen
Nomadic Display Set Up HangTenNomadic Display Set Up HangTen
Nomadic Display Set Up HangTen
 
Buying a business in florida
Buying a business in floridaBuying a business in florida
Buying a business in florida
 
Example problems Binomial Multiplication
Example problems Binomial MultiplicationExample problems Binomial Multiplication
Example problems Binomial Multiplication
 
Raspberry pi 2
Raspberry pi 2Raspberry pi 2
Raspberry pi 2
 
Uga Webinar Series: building credibility as a young professional
Uga Webinar Series: building credibility as a young professionalUga Webinar Series: building credibility as a young professional
Uga Webinar Series: building credibility as a young professional
 
World Cup! Young Germany Guest Blogging
World Cup! Young Germany Guest BloggingWorld Cup! Young Germany Guest Blogging
World Cup! Young Germany Guest Blogging
 

Similar to Social engineering by-rakesh-nagekar

Social Engineering By Rakesh Nagekar
Social Engineering By Rakesh NagekarSocial Engineering By Rakesh Nagekar
Social Engineering By Rakesh Nagekarnforceit
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyRussell Publishing
 
Data security concepts chapter 2
Data security concepts chapter 2Data security concepts chapter 2
Data security concepts chapter 2Nickkisha Farrell
 
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"abercius24
 
Why is cybersecurity important for the entertainment industry
Why is cybersecurity important for the entertainment industry Why is cybersecurity important for the entertainment industry
Why is cybersecurity important for the entertainment industry Lisa Stockley
 
Social engineering 101 or The Art of How You Got Owned by That Random Stranger
Social engineering 101 or The Art of How You Got Owned by That Random StrangerSocial engineering 101 or The Art of How You Got Owned by That Random Stranger
Social engineering 101 or The Art of How You Got Owned by That Random StrangerSteven Hatfield
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering OWASP Foundation
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptCakraWicaksono3
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptpixvilx
 
- Social Engineering Unit- II Part- I.pdf
- Social Engineering Unit- II Part- I.pdf- Social Engineering Unit- II Part- I.pdf
- Social Engineering Unit- II Part- I.pdfRamya Nellutla
 
cyber security.pptx
cyber security.pptxcyber security.pptx
cyber security.pptxTapan Khilar
 
What is social engineering.pdf
What is social engineering.pdfWhat is social engineering.pdf
What is social engineering.pdfuzair
 
Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Kolluru N Rao
 
Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)CA.Kolluru Narayanarao
 
34088.Chapter-2.pptx
34088.Chapter-2.pptx34088.Chapter-2.pptx
34088.Chapter-2.pptxNAVEEN128672
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityNcell
 

Similar to Social engineering by-rakesh-nagekar (20)

Social Engineering By Rakesh Nagekar
Social Engineering By Rakesh NagekarSocial Engineering By Rakesh Nagekar
Social Engineering By Rakesh Nagekar
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
PACE-IT, Security+3.3: Summary of Social Engineering Attacks
PACE-IT, Security+3.3: Summary of Social Engineering AttacksPACE-IT, Security+3.3: Summary of Social Engineering Attacks
PACE-IT, Security+3.3: Summary of Social Engineering Attacks
 
Airport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthyAirport IT&T 2013 John McCarthy
Airport IT&T 2013 John McCarthy
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineering
 
Data security concepts chapter 2
Data security concepts chapter 2Data security concepts chapter 2
Data security concepts chapter 2
 
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"
 
Why is cybersecurity important for the entertainment industry
Why is cybersecurity important for the entertainment industry Why is cybersecurity important for the entertainment industry
Why is cybersecurity important for the entertainment industry
 
Social engineering 101 or The Art of How You Got Owned by That Random Stranger
Social engineering 101 or The Art of How You Got Owned by That Random StrangerSocial engineering 101 or The Art of How You Got Owned by That Random Stranger
Social engineering 101 or The Art of How You Got Owned by That Random Stranger
 
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
SECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.pptSECURITY AND SOCIAL ENGINEERING.ppt
SECURITY AND SOCIAL ENGINEERING.ppt
 
Social Engineering 2.0
Social Engineering 2.0Social Engineering 2.0
Social Engineering 2.0
 
- Social Engineering Unit- II Part- I.pdf
- Social Engineering Unit- II Part- I.pdf- Social Engineering Unit- II Part- I.pdf
- Social Engineering Unit- II Part- I.pdf
 
cyber security.pptx
cyber security.pptxcyber security.pptx
cyber security.pptx
 
What is social engineering.pdf
What is social engineering.pdfWhat is social engineering.pdf
What is social engineering.pdf
 
Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)
 
Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)
 
34088.Chapter-2.pptx
34088.Chapter-2.pptx34088.Chapter-2.pptx
34088.Chapter-2.pptx
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 

More from Raghunath G

Securitynewsbytes
SecuritynewsbytesSecuritynewsbytes
SecuritynewsbytesRaghunath G
 
Whats app forensic
Whats app forensicWhats app forensic
Whats app forensicRaghunath G
 
Seh based exploitation
Seh based exploitationSeh based exploitation
Seh based exploitationRaghunath G
 
Analysis of malicious pdf
Analysis of malicious pdfAnalysis of malicious pdf
Analysis of malicious pdfRaghunath G
 
Mobile application security 101
Mobile application security 101Mobile application security 101
Mobile application security 101Raghunath G
 
Security News Bytes
Security News BytesSecurity News Bytes
Security News BytesRaghunath G
 
Is iso 27001, an answer to security
Is iso 27001, an answer to securityIs iso 27001, an answer to security
Is iso 27001, an answer to securityRaghunath G
 
Null HYD Playing with shodan null
Null HYD Playing with shodan nullNull HYD Playing with shodan null
Null HYD Playing with shodan nullRaghunath G
 
Newsbytes_NULLHYD_Dec
Newsbytes_NULLHYD_DecNewsbytes_NULLHYD_Dec
Newsbytes_NULLHYD_DecRaghunath G
 
Null July - OWTF - Bharadwaj Machiraju
Null July - OWTF - Bharadwaj MachirajuNull July - OWTF - Bharadwaj Machiraju
Null July - OWTF - Bharadwaj MachirajuRaghunath G
 
Security News Bytes
Security News BytesSecurity News Bytes
Security News BytesRaghunath G
 
Spear phishing attacks-by-hari_krishna
Spear phishing attacks-by-hari_krishnaSpear phishing attacks-by-hari_krishna
Spear phishing attacks-by-hari_krishnaRaghunath G
 
Netcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaNetcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaRaghunath G
 
The art of_firewalking-by-sujay
The art of_firewalking-by-sujayThe art of_firewalking-by-sujay
The art of_firewalking-by-sujayRaghunath G
 

More from Raghunath G (18)

Securitynewsbytes
SecuritynewsbytesSecuritynewsbytes
Securitynewsbytes
 
Whats app forensic
Whats app forensicWhats app forensic
Whats app forensic
 
Seh based exploitation
Seh based exploitationSeh based exploitation
Seh based exploitation
 
Analysis of malicious pdf
Analysis of malicious pdfAnalysis of malicious pdf
Analysis of malicious pdf
 
Mobile application security 101
Mobile application security 101Mobile application security 101
Mobile application security 101
 
Security News Bytes
Security News BytesSecurity News Bytes
Security News Bytes
 
Is iso 27001, an answer to security
Is iso 27001, an answer to securityIs iso 27001, an answer to security
Is iso 27001, an answer to security
 
Null HYD Playing with shodan null
Null HYD Playing with shodan nullNull HYD Playing with shodan null
Null HYD Playing with shodan null
 
Null HYD VRTDOS
Null HYD VRTDOSNull HYD VRTDOS
Null HYD VRTDOS
 
Metasploit
MetasploitMetasploit
Metasploit
 
Newsbytes_NULLHYD_Dec
Newsbytes_NULLHYD_DecNewsbytes_NULLHYD_Dec
Newsbytes_NULLHYD_Dec
 
Null dec 2014
Null dec 2014Null dec 2014
Null dec 2014
 
Null July - OWTF - Bharadwaj Machiraju
Null July - OWTF - Bharadwaj MachirajuNull July - OWTF - Bharadwaj Machiraju
Null July - OWTF - Bharadwaj Machiraju
 
Security News Bytes
Security News BytesSecurity News Bytes
Security News Bytes
 
Decoy documents
Decoy documentsDecoy documents
Decoy documents
 
Spear phishing attacks-by-hari_krishna
Spear phishing attacks-by-hari_krishnaSpear phishing attacks-by-hari_krishna
Spear phishing attacks-by-hari_krishna
 
Netcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beemaNetcat 101 by-mahesh-beema
Netcat 101 by-mahesh-beema
 
The art of_firewalking-by-sujay
The art of_firewalking-by-sujayThe art of_firewalking-by-sujay
The art of_firewalking-by-sujay
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 

Recently uploaded (20)

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 

Social engineering by-rakesh-nagekar

  • 1.
  • 2.
  • 3. What is Social Engineering “The act of manipulating people into performing actions or divulging confidential information..” Wikipedia (also sourced on social-engineer.org)
  • 4. Origin of “Social Engineering”  Social Engineering this word came in the year of 1894 by a Dutch guy.  Social Engineering is there 100 years ago also.  The person who do Social Engineering we call as Conn Artists
  • 5. Some Popular Conn Artists in 20th Century
  • 6. Victor Lustig  The person who sold the Eiffel Tower number of times.  Used current events.  He made a deal with Scrap Dealers, selling the structure to them for $40,000.  An extremely good deal for buyers – too good to be true
  • 10. Frank Abagnale Jr  Fake pilot arrested in cockpit.  He acted as a Lawyer, Doctor and pilot.  Abagnale‟s cons were often check frauds.  Did it will work today ?
  • 11. Social Engineering in 20th Century
  • 12. Kevin Mitnick  20 years ago person named “Kevin Mitnick” brought social engineering in IT security.  He is an American Security Consultant, author, convicted criminal and Hacker.  According to US department of justice, Kevin gained unauthorized access to dozens of computer networks.
  • 13. Weakest Link  People are the largest vulnerabilities in any network  Social engineering is based on decision making of human being
  • 14. Motivation  There are variety of motivations exists which includes,  Financial Gain  Self-Interest  Revenge  External Pressure
  • 15. Cycle of Events  It consists of 4 phases  Information Gathering  Developing Relationship  Execution  Exploitation
  • 16. Information Gathering “If you know the enemy and know yourself you need not fear the results of a hundred battles” -Sun Tzu
  • 17. Cycle of Events  Information Gathering  A Variety of techniques can be used by an aggressor to gather information about the target(s). Once gathered, this information can then be used to build a relationship with either the target or someone important to the success of the attack.  Developing Relationship  An aggressor may freely exploit the willingness of a target to be trusting in order to develop rapport with them. While developing this relationship, the aggressor will position himself into a position of trust which he will then exploit
  • 18. Cycle of Events  Exploitation  The target may then be manipulated by the „trusted‟ aggressor to reveal information (e.g. passwords) or perform an action (e.g. creating an account or reversing telephone charges) that would not normally occur. This action could be the end of the attack or the beginning of the next stage.  Execution  Once the target has completed the task requested by the aggressor, the cycle is complete.
  • 19. How Social Engineering is accomplished  Telephone  Online  Dumpster Diving  Shoulder Surfing  Reverse Social Engineering  Persuasion
  • 20. How Social Engineering is accomplished  Telephone  Using telephones to contact individuals of a company to persuade them to divulge in confidential information.  Online  Persuading or gathering information through the use of an online chat.  Dumpster Diving  Looking for information discarded by a company employees.
  • 21. How Social Engineering is accomplished  Shoulder Surfing  Simply looking over someone‟s shoulder while they are using a computer.  Reverse Social Engineering  This is a more advanced method of social engineering and is almost always successful.  Persuasion  Persuading someone to give your confidential information either by convincing them you are someone who can be trusted.
  • 22. Biases  Biases are nothing but the deviations from a standard of rationality or good judgments.  There are many types of biasing, but these five are important ones:  Pretexting  Phishing  IVR or Phone Phishing  Baiting  Tailgating
  • 23. Preventive Measures  Organizations must, on an employee/personnel level, establish frameworks of trust. (i.e., When/Where/Why/How should sensitive information be handled?)  Organizations must identify which information is sensitive and question its integrity in all forms. (i.e., Social Engineering, Building Security, Computer Security, etc.)  Organizations must establish security protocols for the people who handle sensitive information. (i.e., Paper-Trails for information disclosure and/or forensic crumbs)