What if this information ends up in the wrong hands?
Social engineering Manipulating people into giving confidential information or access to a system Passwords, security questions, bank/credit card info... Developing false trust or distrust Creating stories and scenarios to support the process
”I am a new employee here, and I need access to XXXX for YYYY...” ”Your IP address has just won 1 billion Euros!” ”A fun questionnaire to share with your friends! Get to know them better! 1. Where did you go to primary school? 2. Did you have a pet when you were a kid? If so, what was its name? 3. What was your childhood nickname?”
Phishing – posing as a credible website or an authority to steal personal information
1. Think twice. Trust shouldn't be the default, but something to be earned. 2. Do your research. 3. Do not share passwords with anyone, even if they claim to be an authority. 4. Be careful with links and downloads. 5. Keep your virus and malware protection up-to-date. 6. Install recommended operating system updates. 7. Update your browser plugins regularly.
Sources Image 1.1: Found at http://www.2-viruses.com/wp-content/uploads/2013/02/suomen-poliisi- virus.pnghttp://www.2-viruses.com/wp-content/uploads/2013/02/suomen-poliisi- virus.png Criddle, L. What is Social Engineering? Found at http://www.webroot.com/hk/en/home/resources/tips/online-shopping-banking/secure-what-is- social-engineeringDownloaded on 9.11.2014. http://www.webroot.com/hk/en/home/resources/tips/online-shopping-banking/secure-what-is- social-engineering Dinerman, B. Social networking and security risks. GFI White Paper. Found at http://www.gfi.com/whitepapers/Social_Networking_and_Security_Risks.pdf Downloaded on 9.11.2014. http://www.gfi.com/whitepapers/Social_Networking_and_Security_Risks.pdf Hunt, T. Clickjack attack – the hidden threat right in front of you. 2013. Found at http://www.troyhunt.com/2013/05/clickjack-attack-hidden-threat-right-in.html Downloaded on 9.11.2014. http://www.troyhunt.com/2013/05/clickjack-attack-hidden-threat-right-in.html Lemos, R. 10 Web Threats That Could Harm Your Business. 2013. Found at http://www.darkreading.com/vulnerabilities---threats/10-web-threats-that-could-harm-your- business/d/d-id/1139318?page_number=1Downloaded on 9.11.2014. http://www.darkreading.com/vulnerabilities---threats/10-web-threats-that-could-harm-your- business/d/d-id/1139318?page_number=1 Scharr, J. Malvertising Is Here: How To Protect Yourself. 2014. Found at http://www.tomsguide.com/us/malvertising-what-it-is,news-19877.html. Downloaded on 9.11.2014. http://www.tomsguide.com/us/malvertising-what-it-is,news-19877.html