Soumettre la recherche
Mettre en ligne
TH3 Professional Developper CEH social engineering
•
5 j'aime
•
5,857 vues
th3prodevelopper
Suivre
Social Engineering
Lire moins
Lire la suite
Formation
Technologie
Business
Signaler
Partager
Signaler
Partager
1 sur 99
Télécharger maintenant
Télécharger pour lire hors ligne
Recommandé
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.
Pratum
Social engineering
Social engineering
Vîñàý Pãtêl
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...
ABHAY PATHAK
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"
abercius24
Social engineering
Social engineering
Maulik Kotak
Social engineering hacking attack
Social engineering hacking attack
Pankaj Dubey
Social Engineering Basics
Social Engineering Basics
Luke Rusten
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?
JamRivera1
Recommandé
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.
Pratum
Social engineering
Social engineering
Vîñàý Pãtêl
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...
ABHAY PATHAK
Social Engineering: "The Cyber-Con"
Social Engineering: "The Cyber-Con"
abercius24
Social engineering
Social engineering
Maulik Kotak
Social engineering hacking attack
Social engineering hacking attack
Pankaj Dubey
Social Engineering Basics
Social Engineering Basics
Luke Rusten
Social Engineering - Are You Protecting Your Data Enough?
Social Engineering - Are You Protecting Your Data Enough?
JamRivera1
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hacking
msaksida
Module 3 social engineering-b
Module 3 social engineering-b
BbAOC
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionage
Marin Ivezic
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
Evan Francen
Social engineering
Social engineering
Robert Hood
Social engineering
Social engineering
Abdelhamid Limami
Social engineering
Social engineering
Alexander Zhuravlev
Social engineering tales
Social engineering tales
Ahmed Musaad
Social engineering
Social engineering
ankushmohanty
Social Engineering
Social Engineering
Cyber Agency
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking Framework
Jahangirnagar University
Social engineering The Good and Bad
Social engineering The Good and Bad
Tzar Umang
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human Behavior
James Krusic
Social Engineering Techniques
Social Engineering Techniques
Neelu Tripathy
Social engineering
Social engineering
Vishal Kumar
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
OWASP Foundation
Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Pratum
Social Engineering 2.0
Social Engineering 2.0
Murray Security Services
Social Engineering and What to do About it
Social Engineering and What to do About it
Aleksandr Yampolskiy
EC-Council Certified Network Defender
EC-Council Certified Network Defender
ITpreneurs
TH3 Professional Developper CEH phishing
TH3 Professional Developper CEH phishing
th3prodevelopper
Contenu connexe
Tendances
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Richard Common
Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hacking
msaksida
Module 3 social engineering-b
Module 3 social engineering-b
BbAOC
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionage
Marin Ivezic
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
Evan Francen
Social engineering
Social engineering
Robert Hood
Social engineering
Social engineering
Abdelhamid Limami
Social engineering
Social engineering
Alexander Zhuravlev
Social engineering tales
Social engineering tales
Ahmed Musaad
Social engineering
Social engineering
ankushmohanty
Social Engineering
Social Engineering
Cyber Agency
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking Framework
Jahangirnagar University
Social engineering The Good and Bad
Social engineering The Good and Bad
Tzar Umang
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human Behavior
James Krusic
Social Engineering Techniques
Social Engineering Techniques
Neelu Tripathy
Social engineering
Social engineering
Vishal Kumar
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
OWASP Foundation
Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Pratum
Social Engineering 2.0
Social Engineering 2.0
Murray Security Services
Social Engineering and What to do About it
Social Engineering and What to do About it
Aleksandr Yampolskiy
Tendances
(20)
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Insiders Guide to Social Engineering - End-Users are the Weakest Link
Presentation of Social Engineering - The Art of Human Hacking
Presentation of Social Engineering - The Art of Human Hacking
Module 3 social engineering-b
Module 3 social engineering-b
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionage
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
Social engineering
Social engineering
Social engineering
Social engineering
Social engineering
Social engineering
Social engineering tales
Social engineering tales
Social engineering
Social engineering
Social Engineering
Social Engineering
Social engineering: A Human Hacking Framework
Social engineering: A Human Hacking Framework
Social engineering The Good and Bad
Social engineering The Good and Bad
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human Behavior
Social Engineering Techniques
Social Engineering Techniques
Social engineering
Social engineering
The Art of Human Hacking : Social Engineering
The Art of Human Hacking : Social Engineering
Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Social Engineering 2.0
Social Engineering 2.0
Social Engineering and What to do About it
Social Engineering and What to do About it
En vedette
EC-Council Certified Network Defender
EC-Council Certified Network Defender
ITpreneurs
TH3 Professional Developper CEH phishing
TH3 Professional Developper CEH phishing
th3prodevelopper
TH3 Professional Developper CEH denial of service
TH3 Professional Developper CEH denial of service
th3prodevelopper
TH3 Professional Developper CEH hacking email accounts
TH3 Professional Developper CEH hacking email accounts
th3prodevelopper
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015
anpapathanasiou
Peace: Conflict Well Done
Peace: Conflict Well Done
Nancy Wright White
Cyberbulling
Cyberbulling
Jose Lopez
Bulling lia damaris2
Bulling lia damaris2
upark4
cyber bulling
cyber bulling
Sadaf Walliyani
Cyberbulling presentation
Cyberbulling presentation
paulinariba
Phising
Phising
teresamiraa
OSINT 2.0 - Past, present and future
OSINT 2.0 - Past, present and future
Christian Martorella
Cyber Bulling On School Grounds
Cyber Bulling On School Grounds
kerr1va
Social engineering with in for kanban
Social engineering with in for kanban
David Anderson
Osint overview 26 mar 2015
Osint overview 26 mar 2015
Mats Björe
Ce hv7 module 08 sniffers
Ce hv7 module 08 sniffers
Zuleima Parada
20070317 Osint Presentation
20070317 Osint Presentation
Mats Björe
ShadyRAT: Anatomy of targeted attack
ShadyRAT: Anatomy of targeted attack
Vladyslav Radetsky
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineering
Vi Tính Hoàng Nam
Datasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence Tool
Shubham Mittal
En vedette
(20)
EC-Council Certified Network Defender
EC-Council Certified Network Defender
TH3 Professional Developper CEH phishing
TH3 Professional Developper CEH phishing
TH3 Professional Developper CEH denial of service
TH3 Professional Developper CEH denial of service
TH3 Professional Developper CEH hacking email accounts
TH3 Professional Developper CEH hacking email accounts
Top 6 things_small_businesses_q12015
Top 6 things_small_businesses_q12015
Peace: Conflict Well Done
Peace: Conflict Well Done
Cyberbulling
Cyberbulling
Bulling lia damaris2
Bulling lia damaris2
cyber bulling
cyber bulling
Cyberbulling presentation
Cyberbulling presentation
Phising
Phising
OSINT 2.0 - Past, present and future
OSINT 2.0 - Past, present and future
Cyber Bulling On School Grounds
Cyber Bulling On School Grounds
Social engineering with in for kanban
Social engineering with in for kanban
Osint overview 26 mar 2015
Osint overview 26 mar 2015
Ce hv7 module 08 sniffers
Ce hv7 module 08 sniffers
20070317 Osint Presentation
20070317 Osint Presentation
ShadyRAT: Anatomy of targeted attack
ShadyRAT: Anatomy of targeted attack
Ceh v5 module 09 social engineering
Ceh v5 module 09 social engineering
Datasploit - An Open Source Intelligence Tool
Datasploit - An Open Source Intelligence Tool
Similaire à TH3 Professional Developper CEH social engineering
Cehv6 module 01 introduction to ethical hacking
Cehv6 module 01 introduction to ethical hacking
anonymousrider
Ce hv6 module 48 corporate espionage by insiders
Ce hv6 module 48 corporate espionage by insiders
Vi Tính Hoàng Nam
Cyber security talks 2019 by theko moima
Cyber security talks 2019 by theko moima
Theko Moima
Hacking (1)
Hacking (1)
rishirvk1995
Module 9 (social engineering)
Module 9 (social engineering)
Wail Hassan
Isaca june 19, 2010
Isaca june 19, 2010
Vicky Shah
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
Hackito Ergo Sum
Ce Hv6 Module 43 Cyber Warfare Hacking Al Qaida And Terrorism
Ce Hv6 Module 43 Cyber Warfare Hacking Al Qaida And Terrorism
Kislaychd
DNS Cybersecurity in 2012-2015
DNS Cybersecurity in 2012-2015
Andrzej Bartosiewicz
Cyber security
Cyber security
TanmoyMaitra
Computer Hacking - An Introduction
Computer Hacking - An Introduction
Jayaseelan Vejayon
Cyber Security - ICCT Colleges
Cyber Security - ICCT Colleges
Potato
Ethical Hacking
Ethical Hacking
Aryan Saxena
CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1
Ian Sommerville
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
jaredcarst
AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)
Takeshi Takahashi
Ethical Hacking
Ethical Hacking
Keith Brooks
Ethical hacking
Ethical hacking
Goutham Shetty
seminar ppt.pptx
seminar ppt.pptx
AbhishekPadul1
Threats & Cyber Protection Measures
Threats & Cyber Protection Measures
Shiva Bissessar
Similaire à TH3 Professional Developper CEH social engineering
(20)
Cehv6 module 01 introduction to ethical hacking
Cehv6 module 01 introduction to ethical hacking
Ce hv6 module 48 corporate espionage by insiders
Ce hv6 module 48 corporate espionage by insiders
Cyber security talks 2019 by theko moima
Cyber security talks 2019 by theko moima
Hacking (1)
Hacking (1)
Module 9 (social engineering)
Module 9 (social engineering)
Isaca june 19, 2010
Isaca june 19, 2010
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
HES2011 - Raould Chiesa - Hackers Cybercriminals from Wargames to the Undergr...
Ce Hv6 Module 43 Cyber Warfare Hacking Al Qaida And Terrorism
Ce Hv6 Module 43 Cyber Warfare Hacking Al Qaida And Terrorism
DNS Cybersecurity in 2012-2015
DNS Cybersecurity in 2012-2015
Cyber security
Cyber security
Computer Hacking - An Introduction
Computer Hacking - An Introduction
Cyber Security - ICCT Colleges
Cyber Security - ICCT Colleges
Ethical Hacking
Ethical Hacking
CS5032 L19 cybersecurity 1
CS5032 L19 cybersecurity 1
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
Cyber Threats & Cybersecurity - Are You Ready? - Jared Carstensen
AI: The New Player in Cybersecurity (Nov. 08, 2023)
AI: The New Player in Cybersecurity (Nov. 08, 2023)
Ethical Hacking
Ethical Hacking
Ethical hacking
Ethical hacking
seminar ppt.pptx
seminar ppt.pptx
Threats & Cyber Protection Measures
Threats & Cyber Protection Measures
Dernier
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
RaunakKeshri1
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
Sayali Powar
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
Association for Project Management
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
eniolaolutunde
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Pooja Nehwal
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
National Information Standards Organization (NISO)
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Krashi Coaching
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
Maestría en Comunicación Digital Interactiva - UNR
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
Celine George
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
nomboosow
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
misteraugie
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
chloefrazer622
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
fonyou31
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
Disha Kariya
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
anjaliyadav012327
microwave assisted reaction. General introduction
microwave assisted reaction. General introduction
Maksud Ahmed
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
Thiyagu K
Dernier
(20)
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Ecosystem Interactions Class Discussion Presentation in Blue Green Lined Styl...
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
microwave assisted reaction. General introduction
microwave assisted reaction. General introduction
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
TH3 Professional Developper CEH social engineering
1.
Ethical Hacking and Countermeasures Version
6 Module Mod le XI Social Engineering
2.
Scenario
Source: http://www.treasury.gov/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
3.
News
Source: http://www.technewsworld.com/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
4.
Module Objective
This module will familiarize you with: • Social Engineering • Types of Social Engineering • Behaviors vulnerable to attacks • Social Engineering Threats and Defenses • Countermeasures for Social engineering • Policies and Procedures • Impersonating Orkut, Facebook, and MySpace • Identity Theft • Countermeasures for Identity theft Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
5.
Module Flow
Social Engineering Impersonating Orkut, Social Engineering Threats and Defenses Facebook, and MySpace Types of Social Countermeasures for Identity Theft Engineering Social engineering Behaviors vulnerable Countermeasures for Policies and Procedures to tt k t attacks Identity th ft Id tit theft Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
6.
There is No
Patch to Human Stupidity p y Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
7.
What is Social
Engineering Social Engineering is the human side of breaking into a corporate network Companies with authentication processes, firewalls, virtual private net o ks p i ate networks, and network monitoring soft a e a e still net o k monito ing software are open to attacks An employee may unwittingly give away key information in an email or by answering questions over the phone with someone they do not know, or even by talking about a project with coworkers at a local pub after hours Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
8.
What is Social
Engineering (cont d) (cont’d) Social engineering is the tactic or trick of gaining sensitive i f i i i i information b exploiting the i by l ii h basic human nature such as: • Trust • Fear • Desire to Help Social engineers attempt to gather information such as: • Sensitive information • Authorization details • Access details Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
9.
Human Weakness
People are usually the weakest link in the security chain A successful defense depends on having good policies and educating employees to follow them Social Engineering is the hardest form of attack to defend against because it cannot be defended with hardware or software alone Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
10.
“Rebecca” and “Jessica”
Hackers use the term “Rebecca” and “Jessica” to denote social engineering attacks Hackers commonly use these terms to social engineer victims Rebecca and Jessica mean a person who is an easy target for social engineering, engineering such as the receptionist of a company Example: p • “There was a Rebecca at the bank and I am going to call her to extract the privileged information.” • “I met Ms. Jessica, she was an easy target for social , y g engineering.” • “Do you have any Rebecca in your company?” Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
11.
Office Workers
Despite having the best firewall, intrusion-detection p g , and antivirus systems, technology has to offer, you are still hit with security breaches One reason for this may be lack of motivation among workers Hackers can attempt social engineering attack on office workers to extract sensitive data such as: • Security policies • Sensitive documents • Office network infrastructure • Passwords Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
12.
Types of Social
Engineering Social Engineering can be divided into two categories: •H Human-based: b d • Gathers sensitive information by interaction • Attacks of this category exploits trust, fear, and helping nature of humans • Computer Based: Computer-Based: • Social engineering is carried out with the aid of computers Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
13.
Human-Based Social
Engineering Posing P i as a L iti t End U Legitimate E d User • Gives identity and asks for the sensitive information • “Hi! This is John, from Department X. I have forgotten my password. Can I get it?” Posing as an Important User • Posing as a VIP of a target company, valuable customer, etc. • “Hi! This is Kevin, CFO Secretary. I’m working on an urgent project and lost system password. Can you help me out?” Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
14.
Human-Based Social Engineering
( cont’d) cont d) Posing as Technical Support • Calls as a technical support staff, and Ca s tec ca suppo t sta , a d requests id & passwords to retrieve data • ‘Sir, this is Mathew, Technical support, X company. Last night we had a system crash here, and we are checking for the lost here data. Can u give me your ID and Password?’ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
15.
Technical Support Example
A man calls a company’s help desk and says he’s forgotten his he s password. In a panic, he adds that if he misses the deadline on a big advertising project, his boss might fire him. The help desk worker feels sorry for him and quickly resets the password unwittingly giving the hacker clear entrance into the corporate network Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
16.
More Social Engineering
Examples "Hi, I'm John Brown. I'm with the external auditors Arthur Sanderson. We've been told by corporate to do a surprise inspection of your disaster recovery procedures. Your department has 10 minutes to show me how you would recover from a Website crash." Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
17.
More Social Engineering
Examples "Hi I'm Sharon, a sales rep out of the New York office. I know this is short notice, but I have a group of perspective clients out in the car that I've been trying for months to get to outsource th i security training t their it t i i needs to us. They're located just a few miles away and I think that if I can give them a quick tour of our facilities it should facilities, be enough to push them over the edge and get them to sign up. Oh yeah, they are particularly interested in what security precautions we've adopted. Seems someone hacked into their Website a while back, which is one of the reasons they're considering our company." Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
18.
More Social Engineering
Examples "Hi I m with Aircon Express Hi, I'm Services. We received a call that the computer room was getting too warm and need to check your HVAC system." Using professional-sounding terms like HVAC (Heating, Ventilation, and Air Conditioning) may add just enough credibility to an intruder's masquerade to allow him or her to gain access to the targeted secured resource. Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
19.
Human-Based Social
Engineering: Eavesdropping Eavesdropping or unauthorized li t i of E d i th i d listening f conversations or reading of messages Interception of any form such as audio, video, or written Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
20.
Human-Based Social
Engineering: Shoulder Surfing Looking over your shoulder as you enter a password Passwords Shoulder surfing is the name given to the p procedure that identity thieves use to find y Hacker out passwords, personal identification number, account numbers, and more Simply, they look over your shoulder--or even watch from a distance using binoculars, in order to get those pieces of information Victim Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
21.
Human-Based Social
Engineering: Dumpster Diving Search for sensitive information at target company’s: • Trash-bins • Printer Trash bins • user desk for sticky notes etc Collect: • Phone Bills • Contact Information • Financial Information • Operations related Information etc Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
22.
Dumpster Diving Example
A man behind the building is loading the company’s paper recycling bins into the back of a truck. Inside the bins are lists of employee titles and p o e u be s, a et g plans, and phone numbers, marketing p a s, a d the latest company financials This information is sufficient to launch a social engineering attack on the company Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
23.
Dumpster Diving Example
For example, if the hacker appears to have a good working knowledge of the staff in a company department he department, or she will probably be more successful while making an approach; most staff will assume that someone who h h knows a lot about the company must be a valid employee Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
24.
Oracle Snoops Microsoft’s
Trash Bins "We weren't spying. We were trying to expose what Microsoft was doing," said a fiery Ellison when reporters asked repeatedly p p y about the detective agency's attempts at buying garbage. Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
25.
Human-Based Social Engineering
( cont’d) cont d) • Survey a target company to collect information on In person • C Current t h l i t technologies • Contact information, and so on • Refer to an important person in the organization and try to collect data g y Third-party hi d • “Mr. George, our Finance Manager, Authorization asked that I pick up the audit reports. Will you please provide them to me? me?” Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
26.
Human-Based Social Engineering
( cont’d) cont d) Tailgating • An unauthorized person, wearing a fake ID badge, enters a secured area by closely following an authorized person through a door requiring key access • An authorized person may be unaware of providing an unauthorized person access to a secured area Piggybacking • “I forgot my ID badge at home. Please help me.” • An authorized person provides access to an unauthorized person by keeping the secured door open Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
27.
Human-Based Social Engineering
( cont’d) cont d) Reverse Social Engineering R S i lE i i • This is when the hacker creates a persona that appears to be in a position of authority so that employees will ask him for information, rather than the other way around • Reverse Social Engineering attack involves • Sabotage • Marketing • Providing Support Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
28.
Movies to Watch
for Reverse Engineering Examples: The Italian Job and Catch Me If You Can Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
29.
Computer-Based Social
Engineering It can be divided: Mail / IM attachments Pop up Pop-up Windows Websites / Sweepstakes Spam mail Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
30.
Computer-Based Social Engineering
(cont d) (cont’d) Pop-up Windows • Windows that suddenly pops up, while surfing the Internet and asks for users’ information to login or sign-in Hoaxes and chain letters • Hoax letters are emails that issue warnings to user on new virus, Trojans or worms that may harm the user’s system • Chain letters are emails that offer free gifts such as money, and software on the condition that if the user forwards the mail to said number of persons Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
31.
Computer-Based Social Engineering
(cont d) (cont’d) Online Pop-Up Attacks and Costs Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
32.
Computer-Based Social Engineering
(cont d) (cont’d) Instant Ch t Messenger I t t Chat M • Gathering of personal information by chatting with a selected online user to attempt to get information such as birth dates and maiden names • Acquired data is later used for cracking the user’s accounts Spam email • Email sent to many recipients without prior permission intended for commercial purposes • Irrelevant, unwanted, and unsolicited email to collect financial information, social security numbers, and network information , y , Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
33.
Computer-Based Social Engineering
(cont d) (cont’d) Phishing Phi hi • A illegitimate email f l l claiming t b An ill iti t il falsely l i i to be from a legitimate site attempts to acquire user’s personal or account information • Lures online users with statements such as • Verify your account • Update your information • Your account will be closed or suspended • Spam filters, anti-phishing tools integrated with web browsers can be used to protect from Phishers Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
34.
Computer-Based Social Engineering
(cont d) (cont’d) E mail E-mail phishing hyperlink Web page phishing hyperlink Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
35.
Computer-Based Social Engineering
(cont d) (cont’d) Online E-mail Attacks and Costs Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
36.
Insider Attack
If a competitor wants to cause damage to your organization, steal critical secrets, or put you out of b i t l iti l t t t f business, th j t h they just have t to find a job opening, prepare someone to pass the interview, have that person hired, and they will be in the organization It takes only one disgruntled person to take revenge and your company i compromised d is i d • 60% of attacks occur behind the firewall • An inside attack is easy to launch • Prevention is difficult • The inside attacker can easily succeed • Difficult to catch the perpetrator Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
37.
Disgruntled Employee
Most cases of insider abuse can be traced to i di id l who are d individuals h introverted, incapable of dealing with stress or conflict, and frustrated with their job, office politics, no respect, no promotions etc Disgruntled Company Employee Secrets Sends h data to S d the d competitors using Steganography Competitor Company Network Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
38.
Preventing Insider Threat
There is no single solution to prevent an insider threat Some recommendations: • Separation of duties • Rotation of duties • Least privilege • Controlled access • Logging and auditing i d di i • Legal policies • Archive critical data Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
39.
Common Targets of
Social Engineering Receptionists and help desk p p personnel Technical support executives Vendors of target organization System administrators and users Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
40.
Social Engineering
Threats and Defenses Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
41.
Social Engineering Threats
and Defenses Major attack vectors that a social engineering hacker uses: • Online • Telephone • Personal approaches • Reverse social engineering Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
42.
Online Threats
In a connected business world, staff often use and respond to requests and information that come electronically i f i h l i ll This connectivity enables hackers to make approaches to staff from the relative anonymity of Internet y y Online attacks, such as e-mail, pop-up application, and instant message attacks; use Trojan horses, worms, or viruses(malware) to damage or subvert computer resources Social engineering hacker persuades a staff member to provide information through a believable ruse, rather than infecting a computer with malware through a direct attack An attack may provide information that enables hacker to make a subsequent malware attack Solution: Ad i staff on h S l ti Advise t ff how t id tif and avoid online social engineering attacks to identify d id li i l i i tt k Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
43.
Telephone-Based Threats
Telephone offers a unique attack vector f social engineering h k T l h ff iq tt k t for i l i i hackers It is a familiar medium, but it is also impersonal, because target cannot see the hacker Communication options for most computer systems can also make Private Branch Exchange (PBX) an attractive target Stealing either credit card or telephone card PINs at telephone booths is another kind of attack Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
44.
Telephone-Based Threats
(cont d) (cont’d) There are three major goals for a hacker who attacks a PBX: • Request information, usually through the imitation of a legitimate user, either to access the telephone system itself or to gain remote access t computer systems to t t • Gain access to “free” telephone usage • Gain access to communications network Telephony PBX attack Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
45.
Personal Approaches
The simplest and cheapest way for a hacker to get information is to ask for it di tl kf directly This approach may seem crude and obvious, but it has been bedrock of confidence tricks since time b f fid i k i i began Four main successful approaches for social engineers: • Intimidation • Persuasion • Ingratiation • Assistance Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
46.
Defenses Against Social
Engineering Threats After you understand the wide range of threats, 3 steps are necessary to defend against social engineering threats • Develop a security management framework • Undertake risk management assessments • Implement social engineering defenses within your security policy Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
47.
Defenses Against Social
Engineering Threats (cont’d) (cont d) Risk Assessment: • You need to assess the level of risk that an attack possesses towards your company for deploying suitable security measures Risk categories include: • Confidential information • Business credibility • Business availability • Resources • Money Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
48.
Factors that make
Companies Vulnerable to Attacks Insufficient security training and awareness Several organizational units Lack of appropriate security policies Easy access of information e.g. e-mail Ids and phone extension numbers of employees Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
49.
Why is Social
Engineering Effective Security policies are as strong as its weakest link, and humans are the most susceptible factor Difficult to detect social engineering attempts There is no method to ensure the complete security from social engineering attacks No specific software or hardware for defending against p g g a social engineering attack Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
50.
Warning Signs of
an Attack An attacker may: • Show inability to give valid callback number • Make informal requests • Claim of authority • Show haste • Unusually compliment or praise • Show discomfort when questioned • Drop the name inadvertently • Threaten f dire Th t of di consequences if information i f ti is not provided Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
51.
Tool : Netcraft
Anti-Phishing Toolbar www.netcraft.com An anti-phishing system consisting of a toolbar and a central server that has p g y g information about URLs provided by Toolbar community and Netcraft Blocks phishing websites that are recorded in Netcraft’s central server Suspicious URLs can be reported to Netcraft by clicking Report a Phishing Site in the toolbar menu Shows all the attributes of each site such as host location, country, longevity, and popularity Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
52.
Tool : Netcraft
Anti-Phishing Toolbar ( cont’d) cont d) Netcraft Toolbar Site Report Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
53.
Tool : Netcraft
Anti-Phishing Toolbar ( cont’d) cont d) Location Website Network Information Copyright © by EC-Council EC-Council details All Rights Reserved. Reproduction is Strictly Prohibited
54.
Phases in a
Social Engineering Attack Four phases of a Social Engineering Attack: Research on target company Dumpster diving, websites, employees, tour company and so on Select Victim Identify frustrated employees of the target company Develop relationship Developing relationship with the selected employees Exploit the relationship to achieve the objective p p j Collect sensitive account Financial information Current Technologies information Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
55.
Behaviors Vulnerable to
Attacks Trust • Human nature of trust is the basis of any social engineering attack Ignorance • Ignorance about social engineering and its effects among the workforce makes the organization an easy target Fear • Social engineers might threaten severe losses in case of non- compliance with their request h i Greed • Social engineers lure the targets to divulge information by p g g g y promising g something for nothing Moral duty • Targets are asked for the help, and they comply out of a sense of moral obligation Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
56.
Impact on the
Organization Economic losses Damage of goodwill Loss of privacy Dangers of terrorism Lawsuits and arbitrations Temporary or permanent closure Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
57.
Countermeasures
Training • An efficient training program should consist of all security policies and methods to increase awareness on social engineering Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
58.
Countermeasures (cont’d)
Password policies • Periodic password change • Avoiding guessable passwords • Account blocking after failed attempts • Length and complexity of passwords L th d l it f d • Minimum number of characters, use of special characters, and numbers etc. e.g. ar1f23#$g • Secrecy of p y passwords • Do not reveal if asked, or write on anything to remember them Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
59.
Countermeasures (cont’d)
Operational guidelines • Ensure security of sensitive information and authorized use of resources Physical security policies • Identification of employees e.g. issuing of ID cards, cards uniforms and so on • Escorting the visitors • Accessing area restrictions • Proper shredding of useless documents • Employing security personnel l l Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
60.
Countermeasures (cont’d)
Classification of Information • Categorize the information as top secret, proprietary, for internal use only, for public use, and so on Access privileges A i il • Administrator, user, and guest accounts with proper authorization Background check of employees and proper B k d h k f l d termination process • Insiders with a criminal background and terminated employees are easy targets for procuring information Proper incidence response system • There should be proper guidelines for reacting in case of a social engineering attempt Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
61.
Policies and Procedures
Policy is the most critical component for any information security program Good policies and procedures are ineffective if they are not taught and reinforced by the employees Employees need to emphasize their importance After receiving training, the employee should sign a statement acknowledging that they understand the g g y policies Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
62.
Security Policies -
Checklist Account setup Password change policy Help desk procedures Access privileges Violations Employee Emplo ee identification Privacy policy Paper documents Modems Physical access restrictions y Virus control Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
63.
What Happened Next
Source http://www.treasury.gov/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
64.
Impersonating Orkut,
Facebook, Facebook MySpace Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
65.
News
Source: http://www.dnaindia.com/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
66.
News
Source: http://www.marketingweek.co.uk/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
67.
Orkut
Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
68.
Impersonating on Orkut
Impersonation means imitates or copies the behavior or actions of others Orkut is a famous social networking site, and as a open source anyone can steal the personal and corporate information and create the account on others’ name On Orkut, accounts can be hacked by 2 main methods: Cookie Stealing and Phishing (Fake Page) Cookie Stealing involves a simple JavaScript which is backed up by a powerful PHP script in the back When this script is run by the victim, his cookie comes to the hacker, using which he can get into the victim’s account Fake pages look like pages of Orkut; when user name and password is put into their respective fields, they are sent to the email ID of the hacker Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
69.
MW.Orc worm
MW.Orc worm steals users' banking details, usernames, and passwords by propagating through Orkut This attack is triggered as the user launches an executable file disguised as a JPEG file The initial executable file that causes the infection, installs two additional files on the user's computer These files then pass e-mail banking details and passwords to the worm's anonymous creator when the infected users click on “My Computer” icon Infection spreads automatically by posting a URL in another user's Orkut Scrapbook; a guestbook where visitors can leave comments visible on user's page Apart from stealing personal information, this malware also enables a remote user to control PC and make it a part of botnet which is a network of infected PCs Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
70.
News
Source: http://www.theregister.co.uk/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
71.
News
Source: http://www.ibnlive.com/news/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
72.
News
Source: http://www.ibnlive.com/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
73.
Facebook
Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
74.
Impersonating on Facebook
Facebook bloggers use a nickname instead of the th real name l Fake accounts are a violation of Terms of Use Facebook requires users to provide their real first d last fi t and l t names The impostor keeps add g up friends e posto eeps adding e ds The impostor uses other’s profile to get critical and valuable information Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
75.
Screenshot
Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
76.
News
Source: http://www.timesnews.net/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
77.
MySpace
Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
78.
Impersonating on MySpace
MySpace M Space has become an effective marketing tool effecti e Various people have their profiles on MySpace to gain exposure All MySpace profiles are not genuine and real Adults impersonate as teen on MySpace which leads to tragedy Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
79.
Identity Theft
Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
80.
News
Source: http://www.mercurynews.com/ Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
81.
What is “Identity
Theft” Identity theft occurs when someone steals your name and other personal information for fraudulent purposes Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
82.
Identity Theft
Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
83.
How do you
steal Identity? d i Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
84.
How to Steal
Identity Original identity – Steven Charles Address: San Diego CA 92130 Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
85.
STEP 1
Get hold of Steven’s telephone bill, water bill, or electricity bill using dumpster diving, stolen email, or onsite stealing diving email Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
86.
STEP 2
Go to the Driving License Authority Tell them you lost your driver’s license They will ask you for proof of identity like a water bill,and electricity bill Show them the stolen bills Tell them you have moved from the original address The department employee will ask you to complete 2 forms – 1 for the replacement of the driver’s license and the 2nd for a change in address You will need a photo for the driver’s license Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
87.
STEP 3
Your replacement driver’s license will be issued to your new home address Now you are ready to have some serious fun Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
88.
Comparison
Original Same name: Steven Charles Identity Theft Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
89.
STEP 4
Go to a bank in which the original Steven Charles has an account (Example Citibank) Tell them you would like to apply for a new credit card Tell them you do not remember the account number and ask them to look it up using Steven’s name and address The bank will ask for your ID: Show them your driver’s license as ID ID is accepted. Your credit card is issued and ready for use Now you are ready for shopping Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
90.
Fake Steven has
a New Credit Card The fake Steven visits Wal-Mart and purchases a 42” plasma TV and state-of-the-art Bose speakers The fake Steven buys a Vertu Gold Phone worth USD 20K Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
91.
Fake Steven Buys
Car The fake Steven walks into a store and applies for a car loan; minutes later he is driving a new Audi Present your driver’s license as a form of ID f The loan officer does the credit check, and it comes out clean since the original Steven has a clean credit history y Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
92.
Real Steven Gets
Huge Credit Card Statement – USD 40k 4 Ahhh!!! Somebody stole my identity!! Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
93.
What Else…Oh My
God! Fake Steven can apply for a new passport Fake Steven can apply for a new bank account Fake Steven can shut down your utility services FAKE STEVEN CAN MAKE THE LIFE OF REAL STEVEN HELL Scary eh? Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
94.
“One bit of
personal One information is all someone needs to steal your identity” y y Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
95.
Identity Theft -
Serious Problem Identity theft is a serious problem The number of violations has continued to increase Securing personal i f S i l information i the i in h workplace and at home, and looking over credit card reports are just few of the ways to minimize the risk of the identity theft Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
96.
http://www.consumer.gov/idtheft/
Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
97.
Summary
Social Engineering is the human side of breaking into a corporate network human-side Social Engineering involves acquiring sensitive information or inappropriate access privileges by b an outsider t id Human-based social engineering refers to person-to-person interaction to retrieve the desired information d i di f i Computer-based social engineering refers to having computer software that attempts to retrieve the desired i f i h d i d information i A successful defense depends on having good policies and their diligent implementation Copyright © by EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
98.
Copyright © by
EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
99.
Copyright © by
EC-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited
Télécharger maintenant