Social media has been popular for the last decade. However, it can pose a risk to an organization. Lisa Bock covers risks, including likejacking, reputation risk, and exposure of private information, which can lead to identity theft. She reviews best practices for individuals and companies to defend against social engineering attacks.
- [Voiceover] Social media has been popular…for over a decade.…Individuals and companies have joined…some type of platform in order to…share information, images, or anecdotes.…However, social media can pose a risk…to an organization for many reasons.…In an organization, there is a lack of oversight,…in that many managers admit they…do not have social media policies…in place on proper practices and uses.…In addition, they do not monitor employees post,…nor do they train their employees…on the potential for reputation risk.…
Hackers rely on this lack of oversight…to take advantage of someone while being social.…Social networking attacks are dangerous,…as they pray on individuals in an informal environment.…They appeal to an individuals sense of belonging…and fear of what other's will think of them.…If seemingly everyone clicks on a recent post,…most people will follow suit.…This is where the danger lies.…The victim gets a message from someone they think they know,…and then they click on a link.…
The message will speak to the victim in some way.…
In this course, cybersecurity expert Lisa Bock discusses the methods a hacker might use, including embedding malicious links and attachments in emails and using mobile devices and social media to deploy an attack. She discusses the concept of "misuse of trust"—how hackers use charm, power, and influence to penetrate an organization—and why you need to be extra cautious with the disgruntled employee. Finally, Lisa discusses countermeasures security professionals can take to address these attacks.
Note: This course maps to the Social Engineering competency of the Certified Ethical Hacking exam. Review the exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Visualizing the victim
- Recognizing an attack
- Using charm, power, and influence
- Manipulating with social media
- Preventing insider attacks
- Stealing identities
- Pen testing with social engineering
- Taking countermeasures