What is Social Engineering
"The act of manipulating people into performing actions or divulging confidential information."
Wikipedia (also sourced on social-engineer.org)
Origin of “Social Engineering”
• The term "social engineering" was coined in 1894 by a Dutch industrialist.
• The practice itself has existed for well over 100 years.
• People who practise social engineering are commonly called con artists.
Some Popular Con Artists of the 20th Century
Victor Lustig
• Sold the Eiffel Tower, more than once.
• Exploited current events to make the offer plausible.
• Made a deal with scrap-metal dealers, selling them the structure for $40,000.
• An extremely good deal for the buyers, too good to be true.
Hotel Ritz
Social Engineering 40-50 Years Ago
Frank Abagnale Jr
• Impersonated an airline pilot and was eventually arrested.
• Posed as a lawyer, a doctor and a pilot.
• Abagnale's cons were often cheque frauds.
• Would they still work today?
Social Engineering in the 20th Century
Kevin Mitnick
• About 20 years ago, Kevin Mitnick brought social engineering into IT security.
• He is an American security consultant, author, convicted criminal and hacker.
• According to the U.S. Department of Justice, Mitnick gained unauthorized access to dozens of computer networks.
Weakest Link
• People are the largest vulnerability in any network.
• Social engineering targets human decision-making rather than technical flaws.
Motivation
• A variety of motivations exist, including:
  • Financial gain
  • Self-interest
  • Revenge
  • External pressure
Cycle of Events
• It consists of four phases:
  • Information gathering
  • Developing a relationship
  • Exploitation
  • Execution
Information Gathering
“If you know the enemy and know yourself you
need not fear the results of a hundred battles”
-Sun Tzu
Cycle of Events
• Information gathering
  • An aggressor can use a variety of techniques to gather information about the target(s). Once gathered, this information is used to build a relationship with either the target or someone important to the success of the attack.
• Developing a relationship
  • An aggressor exploits the target's willingness to trust in order to develop rapport. While developing this relationship, the aggressor manoeuvres into a position of trust, which is then exploited.
Cycle of Events
• Exploitation
  • The target is then manipulated by the now "trusted" aggressor into revealing information (e.g. passwords) or performing an action (e.g. creating an account or reversing telephone charges) that would not normally occur. This action can be the end of the attack or the beginning of the next stage.
• Execution
  • Once the target has completed the task requested by the aggressor, the cycle is complete; with the new access, the aggressor may start the cycle again against the next target.
How Social Engineering is accomplished
• Telephone
• Online
• Dumpster diving
• Shoulder surfing
• Reverse social engineering
• Persuasion
How Social Engineering is accomplished
• Telephone
  • Calling individuals at a company and persuading them to divulge confidential information.
• Online
  • Persuading people, or gathering information, through online chat.
• Dumpster diving
  • Searching through material discarded by a company's employees for useful information.
How Social Engineering is accomplished
• Shoulder surfing
  • Simply looking over someone's shoulder while they are using a computer.
• Reverse social engineering
  • A more advanced method: the attacker creates a problem (or the appearance of one) and then presents themselves as the person who can fix it, so that the target initiates contact and volunteers information. Because the victim makes the first move, it is very often successful.
• Persuasion
  • Getting someone to hand over confidential information by convincing them that you are someone who can be trusted.
Biases
• Biases are deviations from a standard of rationality or good judgement; social engineering works by exploiting them.
• There are many ways to exploit such biases, but these five techniques are the important ones:
  • Pretexting
  • Phishing
  • IVR or phone phishing (vishing)
  • Baiting
  • Tailgating
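Of the five techniques above, phishing is the one a machine can partly check for. The following Python script is an added example, not part of the original deck: it runs a few heuristic indicators over two constructed e-mails (a look-alike sender domain, a display name that claims a brand the sender domain does not back up, a Reply-To pointing elsewhere, link text that shows one host while the href goes to another, and urgency wording). The known-domain list, the confusable table, the edit-distance threshold and both sample messages are assumptions made for the demonstration.

```python
"""Heuristic phishing-indicator checks over constructed e-mails (added example, not
from the slide deck: known domains, confusables, threshold and messages are assumed)."""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed: domains the organisation legitimately receives mail from.
KNOWN_DOMAINS = {"example.com", "examplebank.com"}
# Character swaps attackers use to build look-alike domains.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "vv": "w", "rn": "m"}
URGENCY = re.compile(r"\b(urgent|immediately|suspended|verify your account|within 24 hours)\b", re.I)
HREF_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def normalise(domain: str) -> str:
    """Fold confusable characters: 'exarnple.com' -> 'example.com'."""
    d = domain.lower()
    for bad, good in CONFUSABLES.items():
        d = d.replace(bad, good)
    return d


def levenshtein(a: str, b: str) -> int:
    """Edit distance, to catch one- or two-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(host: str):
    """Known domain that `host` imitates, or None if it is genuine or unrelated."""
    if host in KNOWN_DOMAINS or any(host.endswith("." + k) for k in KNOWN_DOMAINS):
        return None  # the real domain or one of its subdomains
    folded = normalise(host)
    for known in sorted(KNOWN_DOMAINS):
        # e.g. examp1ebank.com, examplebank.com.evil.net, exampelbank.com
        if folded == known or folded.startswith(known + ".") or levenshtein(folded, known) <= 2:
            return known
    return None


def registrable_host(url: str) -> str:
    host = (urlparse(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def phishing_indicators(raw: str) -> list:
    """Human-readable reasons the message looks like phishing (empty if none)."""
    msg = message_from_string(raw)
    found = []
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    # Reply-To steering replies to a domain other than the sender's.
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    if reply_to and reply_to.rsplit("@", 1)[-1].lower() != from_domain:
        found.append(f"reply-to goes to '{reply_to}', not the sender domain")
    # Display name claims a brand that the sender domain does not back up.
    claimed = [k for k in sorted(KNOWN_DOMAINS) if k.split(".")[0] in display.lower()]
    if claimed and from_domain not in claimed:
        found.append(f"display name '{display}' but sender domain '{from_domain}'")
    # Sender domain is a look-alike of a known domain.
    imitated = lookalike_of(from_domain)
    if imitated:
        found.append(f"sender domain '{from_domain}' looks like '{imitated}'")
    # Link text naming one host while the href goes elsewhere; look-alike link hosts.
    body = msg.get_payload()
    for href, text in HREF_RE.findall(body):
        href_host = registrable_host(href)
        text_host = registrable_host(text.strip()) if "://" in text else ""
        if text_host and text_host != href_host:
            found.append(f"link text shows '{text_host}' but points to '{href_host}'")
        imitated = lookalike_of(href_host)
        if imitated:
            found.append(f"link host '{href_host}' looks like '{imitated}'")
    # Pressure wording typical of an "act now" pretext.
    if URGENCY.search(body):
        found.append("urgency language in body")
    return found


# Constructed sample messages (assumed, not real mail).
PHISH_MAIL = """\
From: "ExampleBank Security" <alerts@examp1ebank.com>
Reply-To: helpdesk@mail-verify.net
Subject: Action required
Content-Type: text/html

<p>Your account has been suspended. Verify your account immediately.</p>
<a href="http://examplebank.com.login-portal.net/verify">https://www.examplebank.com/verify</a>
"""
LEGIT_MAIL = """\
From: "ExampleBank Security" <alerts@examplebank.com>
Subject: Monthly statement
Content-Type: text/html

<p>Your statement is ready.</p>
<a href="https://login.examplebank.com/statements">https://login.examplebank.com/statements</a>
"""
```

Running `phishing_indicators(PHISH_MAIL)` yields six indicators, while the legitimate statement mail yields none. The point of the confusable fold and the "known domain as a leading label" check is that both tricks leave the visible text looking right to a hurried reader; the checks are deliberately cheap so they can sit in a mail gateway or a user-reporting triage script, and they are heuristics, not proof, so they belong next to user awareness rather than instead of it.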
Preventive Measures
• Organizations must, at the employee/personnel level, establish frameworks of trust (i.e. when, where, why and how sensitive information should be handled).
• Organizations must identify which information is sensitive and question its integrity in all forms (social engineering, building security, computer security, etc.).
• Organizations must establish security protocols for the people who handle sensitive information (e.g. paper trails for information disclosure and/or forensic crumbs).
Social engineering by-rakesh-nagekar