Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2011 IsecT Ltd. Social engineering Spot it and stop it September 2011 Security awareness seminar.

Similar presentations


Presentation on theme: "Copyright © 2011 IsecT Ltd. Social engineering Spot it and stop it September 2011 Security awareness seminar."— Presentation transcript:

1 Copyright © 2011 IsecT Ltd. Social engineering Spot it and stop it September 2011 Security awareness seminar

2 Copyright © 2011 IsecT Ltd. Slide 2 Introduction Social engineering is a way of tricking people into doing things they shouldnt do, such as disclosing secrets

3 Copyright © 2011 IsecT Ltd. Slide 3 Blending-in

4 Copyright © 2011 IsecT Ltd. Slide 4 Who are social engineers? Kids, partners, friends Sales reps Hackers, virus writers Journalists Jilted lovers Industrial spies & unethical competitors Private investigators Spies Former, current or prospective employees Visitors, phone callers, ers, chatters, gift givers, friends …

5 Copyright © 2011 IsecT Ltd. Slide 5 New tricks Fake survey or prize draw Discarded USB stick, CD, cellphone … Note on the windshield, FAX, letter … Fake maintenance worker, courier, cleaner, auditor, customer, supplier, manager, executive assistant … Lottery win, inheritance or tax refund … Stuck in a hotel, wallet stolen, in a fix Friend or friend of a friend Check out this cool video … Fake job ad and interview

6 Copyright © 2011 IsecT Ltd. Slide 6 How they do it

7 Copyright © 2011 IsecT Ltd. Slide 7 Clues to watch out for Have you ever been pestered by a persistent, pushy sales rep, trying hard to sell you something you really dont want? Parents of 7 year olds will probably appreciate their ability to manipulate us into doing what they want

8 Copyright © 2011 IsecT Ltd. Slide 8 Warning signs Unexpected callers or visitors probing your for information or acting suspiciously Unusual requests, FAXes, s, text messages, Tweets or phone calls Probing, pushy or threatening behavior Name-dropping or using company slang out of context Evasive, defensive or aggressive reaction when asked to verify their identity Nervousness and other nonspecific clues

9 Copyright © 2011 IsecT Ltd. Slide 9 DART them! D elay A uthenticate R esist T ransfer

10 Copyright © 2011 IsecT Ltd. Slide 10 Front-line defenses I just need to confirm your voic could you reset your PIN code to 1234 please? Mmmm, sounds fishy … Id better refer this call to IT

11 Copyright © 2011 IsecT Ltd. Slide 11 Other aspects

12 Copyright © 2011 IsecT Ltd. Slide 12 Conclusion Be alert for the signs that someone might be socially engineering you, and DART ( D elay, A uthenticate, R esist and T ransfer) them! Report possible social engineering incidents, suspicious calls and near misses to IT Help/Service Desk Help us create a stronger security culture

13 Copyright © 2011 IsecT Ltd. Slide 13 Further information Speak to your manager, call the IT Help/Service desk or contact Information Security. Discuss social engineering with your work colleagues and family. Visit the intranet Security Zone.


Download ppt "Copyright © 2011 IsecT Ltd. Social engineering Spot it and stop it September 2011 Security awareness seminar."

Similar presentations


Ads by Google