Social engineers usually carry out their attacks by electronic means, but sometimes they go out into the real world and engage in physical attacks. Take a look at three ways that social engineers engage in physical attacks: shoulder surfing, dumpster diving, and tailgating.
- [Instructor] Social engineers usually carry out…their attacks by electronic means,…but sometimes they go out into the real world…and engage in physical attacks.…Let's take a look at three ways…that social engineers engage in physical attacks.…Shoulder surfing, dumpster diving, and tailgating.…The first of these, shoulder surfing, is pretty simple.…The attacker simply looks over the shoulder of the victim…as they do something sensitive on their computer.…These attacks might not be as obvious…as the one in the photo here.…
For example, someone sitting next to an employee…on a train or bus, might casually glance…at an open laptop screen and monitor activity.…The two best solutions to shoulder surfing…are simply being aware of who is around you…and using special privacy filters on laptop screens…that prevent someone from reading the screen at an angle.…Trash is gold, especially to a social engineer.…Organizations throw away all sorts of sensitive information.…And social engineers love to engage…in an activity known as dumpster diving.…
Author
Mike Chapple
Released
11/22/2017We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Comparing viruses, worms, and Trojans
- Backdoors and logic bombs
- Understanding the attacker
- Attack types: from denial of service to brute force attacks
- Preventing insider threats
- Wireless attacks
- Understanding cross-site scripting
- Preventing SQL injection
- Social engineering
- Scanning for vulnerabilities
- Penetration testing
- Assessing the impact of vulnerabilities
Skill Level Beginner
Duration
Views
-
Introduction
-
Welcome1m 47s
-
-
1. Malware
-
Looking at advanced malware4m 25s
-
Advanced persistent threats3m 40s
-
2. Understanding Attackers
-
Cybersecurity adversaries4m 11s
-
Threat intelligence2m 37s
-
-
3. Understanding Attack Types
-
Denial of service attacks4m 25s
-
Eavesdropping attacks4m 5s
-
Network attacks6m 19s
-
Network address spoofing3m 25s
-
Password attacks8m 22s
-
Watering hole attacks3m 6s
-
-
4. Wireless Attacks
-
Wireless eavesdropping4m 36s
-
WPA and WPS attacks3m 30s
-
Propagation attacks3m 42s
-
Disassociation attacks2m 41s
-
RFID security2m 56s
-
-
5. Application Attacks
-
Application security4m 16s
-
Preventing SQL injection5m 7s
-
Clickjacking1m 53s
-
Overflow attacks3m 25s
-
Session hijacking3m 50s
-
Malicious add-ons2m 26s
-
Code execution attacks3m 2s
-
Driver manipulation2m 45s
-
Error and exception handling3m 52s
-
-
6. Social Engineering Attacks
-
Social engineering5m 31s
-
Impersonation attacks4m 45s
-
Physical social engineering2m 27s
-
-
7. Vulnerability Scanning and Penetration Testing
-
Security assessment tools5m 50s
-
Scanning for vulnerabilities5m 35s
-
Assessing threats3m 14s
-
Threat assessment techniques2m 41s
-
Penetration testing3m 56s
-
-
8. Impact of Vulnerabilities
-
Vendor vulnerabilities4m 21s
-
Memory vulnerabilities4m 9s
-
-
Conclusion
-
Next steps42s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Physical social engineering