1 / 16

Social Engineering

Social Engineering. Wilfridus Bambang Triadi Handaya Wilfridus.bambang@gmail.com. What is Social Engineering?. art of convincing people to reveal confidential information Uses Psychological Methods Exploits basic human nature Goals are the Same as Hacking.

suzy
Download Presentation

Social Engineering

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Social Engineering WilfridusBambangTriadiHandaya Wilfridus.bambang@gmail.com

  2. What is Social Engineering? • art of convincing people to reveal confidential information • Uses Psychological Methods • Exploits basic human nature • Goals are the Same as Hacking

  3. Goals of Social Engineering Activity • attempt to gather information: • Sensitive information • Authorization details • Access details

  4. Types of Social Engineering • Human-based: Gathers information by interaction exploit trust, fear, and desire to help • Computer-Based: carried out with the help of computers

  5. Human Based Social EngineeringExamples • Eavesdropping • Shoulder Surfing

  6. Human Based Social EngineeringExamples (cont’d) • Pretexting • Dumpster Diving

  7. Human Based Social EngineeringExamples (cont’d) • Reverse Social Engineering, Samples movies

  8. Computer Based Social EngineeringExamples • Social Engineer Toolkit (SET)

  9. Countermeasures

  10. Conclusions • Social Engineering is a very real threat • Realistic prevention is difficults • Can be expensive • Easier than technical hacking • Hard to detect and track

  11. “You could spend a fortune purchasing technology and services...and your network infrastructure could still remain vulnerable to old-fashioned manipulation.” Kevin Mitnick

  12. References • http://www.social-engineer.org, accessed on April 18, 2011. 09.00 pm • CEH v6.1, course materials, ec-council • Carback, Rick. “Social Engineering”, 2005 • Bambang, Wilfridus. “Social Engineering, sebagaimetodepengumpulaninformasipadatahapseranganterhadapkeamanansisteminformasi”, 2007

More Related