itet2 its social engineering
TRANSCRIPT
- 1. Social engineering
2. Old school It's all about the money
- Hustling
3. Scams 4. Example 5. Psychology of scams cognitive and motivational processes
- trust and authority
6. visceraltriggers
- human desires and needs
7. greed, fear, avoidance of physical pain, or the desire to be liked Go here for full story 8. Inducing judgement errors
- Scarcity cues
- Unique opportunity
Induction of behavioural commitment
- Start small and get them rolling
Extreme cost/benefit 9. Lack of emotional control
- A psychological trait of victims
10. Examples Who needs spam, when we have this link http://www.urbanmillionaires.com/ Question:
- Is it true? Is it trustworthy?
11. Puts words on it from the previous slides.
- Still think it is trust worthy?
12. Examples Emotional distress steal a womans hand bag Question:
- Is this possible?
13. Is she gullible? 14. Still old school
- Gaining access to places you are not allowed
- http://www.youtube.com/watch?v=kOEWd_M5m44
The secret:
- Look as if you belong.
15. Relation to security
- No security with physical access
16. Why go through the firewall, if you may walk past? 17. People on the move Steal the laptop (covertly) http://www.youtube.com/watch?v=Gb3ZiTJkCaA&feature=related 18. People on the move Use their telephones against them
- for profit
19. reading the calendar, mails, SMS 20. As a bug 21. People on the move Wifi design vulnerabilitiesfor profit Is this possible? 22. People on the move
- Mobile IT
- A security nightmare
23. Too many variables Is this ok to use? Could it be fake? 24. People at the office
- Make them tell you their passwords.
- Teachers recurring story this time with an external reference....
25. from the BBC Question:
- Is this realistic? In Denmark?
26. People at the office Listen in on their keyboards please type something secret. Question
- Is this realistic?
27. Why is this more difficult than it seems? What has been left out? 28. People at the office
- Spam
- Check your mailbox
29. People at the office
- Receptionists are a crucial part of security
30. Educate people
- Like this?
31. Closing word Which on to use?Technical vs. social Answer: Both To read more, seethis