Hello everyone,
Before I begin, I want to tell you a story
So let’s imagine that Mister A has a house. and he wants to loan it for a month (for 1000 euros). He makes an announcement, Mister B tells him that he is interested, and to be sure that the house will not be loaned to another person, Mister B transfers the money before signing the contract.
Mister A has 3000 euros in his bank account, Mister B transfers 2000 euros to Mister A. So now Mister A has 5000 euros. But the month is only for 1000 euros, so Mister A calls Mister B to understand why he overpaid. Mister B says that he made a mistake, and demands Mister A to send his money back.
(What would you do if you were in the place of mister A? )
Mister A accepts to send back the money ( so now he has 4000 euros in his bank account),
……
I have good news and bad news, the good news is that you are good people, the bad news is that after two weeks, Mister A has in his bank account only 2000 euros.
But WHY?
….
We will see the response during my presentation.
(DIAPO 1)
So today, the subject of my presentation is Social Engineering.
(DIAPO 2)
In the beginning, I am going to explain the meaning of Social Engineering. After that, I am going to talk about the types of social engineering attacks.
(DIAPO 3)
So, what is social engineering?
-Social engineering is the term used for malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
-What makes social engineering especially dangerous is that it relies on human error, rather than vulnerabilities in software and operating systems.
Social engineers know that it’s a basic human instinct to trust something that looks legitimate.
Now let’s move to the types of social engineering attacks,
Let’s begin with Phishing.
(DIAPO 4)
Actually originated from the word “FISHING”.
(DIAPO 5)
Phishing is the most common type of social engineering attack. The attacker recreates the website of a company and sends the link to targets via emails or social media platforms. The other person, completely unknown to the real attacker, ends up compromising personal information and even credit card details.
(DIAPO 6)
According to recent research from Proofpoint, 75% of organizations around the world experienced a phishing attack in 2020, and 74% of attacks targeting US businesses were successful. (And that’s explain why social engineering is a global issue)
(DIAPO 7)
This message is an example of phishing,
(DIAPO 8)
Now, let’s see the next type, “Spear phishing”,
(DIAPO 9)
Spear phishing attacks target one user at a time. The attacker puts a lot more effort into learning about their victim, including the details of their job role and the people they connect with on a regular basis. This enables the attacker to send a highly personalized email that’s much more difficult to detect.
(DIAPO 10+11)
The next type is Pretexting,
Pretexting is based on a scripted scenario presented in front of the targets, used to extract personally-identifiable information. An attacker might impersonate another person or a known figure.
(VIDEO)
I have a video that gives us an example of pretexting.
(DIAPO 13+14)
Finally, let’s talk about Mister A. The money of Mister A disappeared because Mister B transferred money with a fake check scam. But if it’s a fake check, why is money in Mister A's account? Banks have to make deposited funds available within days. It’s the law. But uncovering a fake check can take weeks. By then, the scammer has your money. And you have to repay the bank.
(DIAPO 15)
Did someone send you a check and ask you to send some money back, that’s a scam.
Also, don’t rely on money from a check unless you know and trust the person you’re dealing with.
(DIAPO 16)
To sum up, we can be victims of social engineering at any moment, and that’s what companies suffer from and lose a lot of money due to these attacks. Personally, I think that the best way to not be a victim is to know the types of social engineering attacks, that’s why I focus on this in my presentation.
Thank you for your attention.
Hello everyone,
Before
I
begin
, I want to
tell
you a story
So
let
’s imagine that Mister A has a
house
.
and
he wants to loan it for a month (for 1000 euros). He
makes
an announcement, Mister B
tells
him that he
is interested
, and to be sure that the
house
will not
be loaned
to another
person
, Mister B transfers the
money
before
signing the contract.
Mister A has 3000 euros in his
bank
account, Mister B transfers 2000 euros to Mister A.
So
now
Mister A has 5000 euros.
But
the month is
only
for 1000 euros,
so
Mister A calls Mister B to understand why he overpaid. Mister B says that he made a mistake, and demands Mister A to
send
his
money
back.
(What would you do if you were in the place of mister A?
)
Mister A accepts to
send
back the
money
(
so
now
he has 4000 euros in his
bank
account),
……
I have
good
news
and
bad
news
, the
good
news
is that you are
good
people
, the
bad
news
is that after two weeks, Mister A has in his
bank
account
only
2000 euros.
But
WHY?
….
We will
see
the response during my presentation.
(
DIAPO
1)
So
today
, the subject of my presentation is
Social
Engineering.
(
DIAPO
2)
In the beginning, I am going to
explain
the meaning of
Social
Engineering
. After that, I am going to talk about the
types
of
social
engineering
attacks.
(
DIAPO
3)
So
, what is
social
engineering?
-Social
engineering
is the term
used
for malicious activities accomplished through human interactions. It
uses
psychological manipulation to trick users into making security mistakes or giving away sensitive information.
-What
makes
social
engineering
especially
dangerous
is that it relies on human error,
rather
than vulnerabilities in software and operating systems.
Social engineers know that it’s a basic human instinct to trust something that looks legitimate.
Now
let
’s
move
to the
types
of
social
engineering
attacks,
Let
’s
begin
with Phishing.
(
DIAPO
4)
Actually
originated from the word “FISHING”.
(
DIAPO
5)
Phishing is the most common
type
of
social
engineering
attack
. The
attacker
recreates the website of a
company
and
sends
the link to targets via emails or
social
media platforms. The other
person
, completely unknown to the real
attacker
, ends up compromising personal information and even credit card
details
.
(
DIAPO
6)
According to recent research from
Proofpoint
, 75% of organizations around the world experienced a phishing
attack
in 2020, and 74% of
attacks
targeting US businesses were successful. (And that’s
explain
why
social
engineering
is a global issue)
(
DIAPO
7)
This message is an example of phishing,
(
DIAPO
8)
Now
,
let
’s
see
the
next
type
, “Spear phishing”,
(
DIAPO
9)
Spear phishing
attacks
target one user at a time. The
attacker
puts a lot more effort into learning about their victim, including the
details
of their job role and the
people
they connect with on a regular basis. This enables the
attacker
to
send
a
highly
personalized email that’s much more difficult to detect.
(
DIAPO
10+11)
The
next
type
is
Pretexting
,
Pretexting
is based
on a scripted scenario presented in front of the targets,
used
to extract
personally
-identifiable information. An
attacker
might impersonate another
person
or a known figure.
(VIDEO)
I have a video that gives us an example of
pretexting
.
(
DIAPO
13+14)
Finally
,
let
’s talk about Mister A. The
money
of Mister A disappeared
because
Mister B transferred
money
with a fake
check
scam.
But
if it’s a fake
check
, why is
money
in Mister A's account?
Banks
have to
make
deposited funds available within days. It’s the law.
But
uncovering a fake
check
can take weeks. By then, the scammer has your
money
. And you
have to
repay the bank.
(
DIAPO
15)
Did someone
send
you a
check
and ask you to
send
some
money
back, that’s a scam.
Also
, don’t rely on
money
from a
check
unless
you know
and trust the
person
you’re dealing with.
(
DIAPO
16)
To sum up
, we can be victims of
social
engineering
at any moment, and that’s what
companies
suffer from and lose
a lot of
money
due to these
attacks
.
Personally
, I
think
that the best way to not be a victim is to know the
types
of
social
engineering
attacks
, that’s why I focus on this in my presentation.
Thank you for your attention.
Funny
Love
Wow
Angry
Sad