Malware infections often begin with victims being tricked into clicking links or file attachments. Awareness and training go a long way in reducing malware incidents.
- [Instructor] In this video, we'll talk about social engineering. Social engineering is essentially trickery or deception by a malicious user in an attempt to have victims divulge sensitive information. So it's really considered a malicious user reconnaissance technique, which means that it's a way for a malicious user to learn about a system or person. The idea being that we want to trick someone into somehow installing some kind of malware. So, in essence, the victim believes in the legitimacy of the perpetrator.
Divulging sensitive information comes in many forms, whether a malicious user is trying to get ahold of usernames, passwords, credit cards, banking information, and so on. So as an example of social engineering, perpetrators will often try to exploit people's fears and greed, and that will come in the form of, perhaps, coming across as if they are someone from authority, like a tax department official or law enforcement, or trying to tell someone that they've won a lottery or that they have an inheritance that they need to claim.
So, the various techniques that would be employed then would include things like phone calls, whereby the perpetrator will pose as somebody else that the victim would trust, or of course, it could also be in person, where someone is dressed for the part, has knowledge of specific procedures or incidents within the organization, and so on. And of course, it could be through email, which is very common these days, when we've got an email message that looks legitimate in terms of the logo; however, there would be some kind of a file attachment or a URL link that the malicious user is trying to trick someone into clicking.
So, consider the current example. Here we've got an email message about an inheritance of 9.3 million dollars. Now ideally, what these scams normally do is trick the victim into following a link or wiring money over to release the funds, which makes me think, why not just take that required amount out of the inheritance? But a lot of people get caught with this type of inheritance scam. Another type of example of social engineering would be a resetting of an account, for example. So here, we've got an Outlook mail message that asks for a recent change in our account information.
But if you look at the email address, it should set off some red flags. That doesn't look like a legitimate email address, so essentially, they're trying to trick us into clicking the link down below to confirm our account information. So what could we do about this? And what does this have to do with anti-malware with System Center Endpoint Protection? Well, user awareness and training is always important to work in conjunction with our anti-malware solution. Of course, we need to use an anti-malware solution, like System Center Endpoint Protection, and make sure that the definitions are up-to-date.
We might also employ other techniques, like email spam filtering, to catch mail that is not to be trusted. So in summary, social engineering is trickery and deception where perpetrators exploit people's fears and greed in an attempt to try to trick them into clicking something and this is the launching pad for malware, and that's the relationship between trickery and anti-malware solutions.
- Malware types
- Getting Endpoint Protection up and running
- Deploying the SCEP Windows client
- Removing malware on a SCEP client
- Configuring custom policies
- Planning an update strategy
- Windows firewall settings
- Using PowerShell cmdlets for monitoring