Prevent identity theft and network intrusion by hackers. Learn what social engineering is, who is being targeted, and how attacks are orchestrated.
- [Bock] Over time, industry has strengthened our network defenses with security appliances and anti-malware protection. As a result, the black hat hackers seek to penetrate a softer target, the people in an organization, by using social engineering. Hello, my name is Lisa Bock, and I am a security ambassador. In this course, I'll explore another phase of ethical hacking, social engineering. I'll cover concepts such as how attackers visualize the victim, the skills that are necessary to become a social engineer, and how to recognize an attack. By the end of this course, you'll understand how social engineers exploit our trusting nature and use charm, power, and influence to obtain information, or to get the target to complete an action, such as opening an attachment that contains malware, or clicking on a link. I'll explain how social engineers use different methods, such as browsers, mobile devices, and social media to launch an attack. In addition, I'll explain why you should be cautious of the disgruntled employee, insider attacks, and identity theft. This course is part of the ethical hacking series. Are you ready? Let's get started.
In this course, cybersecurity expert Lisa Bock discusses the methods a hacker might use, including embedding malicious links and attachments in emails and using mobile devices and social media to deploy an attack. She discusses the concept of "misuse of trust"—how hackers use charm, power, and influence to penetrate an organization—and why you need to be extra cautious with the disgruntled employee. Finally, Lisa discusses countermeasures security professionals can take to address these attacks.
Note: This course maps to the Social Engineering competency of the Certified Ethical Hacking exam. Review the exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Visualizing the victim
- Recognizing an attack
- Using charm, power, and influence
- Manipulating with social media
- Preventing insider attacks
- Stealing identities
- Pen testing with social engineering
- Taking countermeasures