Lisa Bock reviews some techniques used in social engineering. Phishing attacks send out a massive amount of emails to bait victims to click a link. A pop-up is a small window that pops up in your browser. Mail attachments can be very dangerous as it may contain malware that can download and install a Trojan.
- [Voiceover] Social engineering is at the root…of many techniques,…which can include phishing, pop-ups,…and fake websites.…Phishing and pharming techniques send out massive emails.…Phishing emails bait victims to click to claim a prize,…sign up for a special program,…or sign in to check account information.…The message appears urgent and requires a quick response.…One in 10 individuals will respond.…
Here, we see a fake email.…I've created this to look like an IRS request.…Now, the email message can contain links…to bogus websites with the hopes of getting the victim…to click on the link and act.…Here, we see get started,…which will most likely be a link to a fake IRS site.…There, the hacker tries to get someone to enter…personal information.…The best advice is don't click on any link.…If after reading this you're concerned,…go directly to the website.…
Dangerous websites are also a tool cyber criminals use,…they create counterfeit websites to deceive people,…and it works.…As websites look very much like the genuine website…
In this course, cybersecurity expert Lisa Bock discusses the methods a hacker might use, including embedding malicious links and attachments in emails and using mobile devices and social media to deploy an attack. She discusses the concept of "misuse of trust"—how hackers use charm, power, and influence to penetrate an organization—and why you need to be extra cautious with the disgruntled employee. Finally, Lisa discusses countermeasures security professionals can take to address these attacks.
Note: This course maps to the Social Engineering competency of the Certified Ethical Hacking exam. Review the exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Visualizing the victim
- Recognizing an attack
- Using charm, power, and influence
- Manipulating with social media
- Preventing insider attacks
- Stealing identities
- Pen testing with social engineering
- Taking countermeasures