Social Engineering

Social engineering is the art of manipulating, influencing, or deceiving you in order to gain control
over your computer system. The hacker might use the phone, email, snail mail or direct contact to
gain illegal access. Phishing,

Types of social engineering attack

The whole idea is based on the exploitation of certain human emotions; the
three most common ones to exploit are:
Fear: Cybercriminals use tactics to induce fear in the user. They create a sense
of urgency, making the user believe their computer or personal information is in
immediate danger.
Curiosity: Cybercriminals exploit human curiosity by presenting inviting
scenarios. For example, they may claim that the user has won a valuable prize,
like a car, or they
Empathy and Trust: People generally tend to trust and have empathy for
seemingly legitimate and well-established companies. Cybercriminals take
advantage of this trust by impersonating such companies through emails or
phone calls.
 Stages of social engineering

How to Keeping data safe from security threats

1, Access level - This refers to the privileges a user has within a system or
network. In computer security, access levels are assigned to each user account.
The higher the level, the greater the privilege.
Different access levels can include:
 Administrator or Superuser: Users with this level of access have
the highest privileges and control over the system. They can
perform critical system-level tasks, modify system
configurations, install software, and manage user accounts.

 Power User or Manager: This access level typically has elevated

privileges, allowing users to perform important administrative
tasks but with some limitations compared to administrators

 Regular User or Standard User: These users have basic access

privileges and can perform standard tasks on the system

 Guest or Restricted User: Guest users or those with restricted

access have very limited privileges.
2. Anti-Malware
Is any resource that protects computers and systems against malware, including
viruses, spyware and other harmful programs.
3. Anti-spyware
Is a kind of software is intended to prevent and detect unwanted spyware and,
consequently, removes them. Anti-spyware software will perform routine
checks on your computer to ensure your system is safe. As well as this, it will
also make sure your privacy is protected 24/7 from any possible intrusions.

4. Anti-spyware
Is a kind of software is intended to prevent and detect unwanted spyware and,
consequently, removes them. Anti-spyware software will perform routine
checks on your computer to ensure your system is safe. As well as this, it will
also make sure your privacy is protected 24/7 from any possible intrusions.
Key functions and benefits of anti-spyware tools:
 Spyware Detection: scan a computer system and detect the presence of
spyware, adware, and other potentially unwanted programs (PUPs). It
identifies files, registry entries, and system components that may be
associated with spyware.

 Real-Time Monitoring: Continuously watching for suspicious activities

and the installation of new spyware.

 Quarantine and Removal: When spyware is detected, anti-spyware tools

can quarantine the malicious files and, upon user approval, remove or
disable them.

 Updates and Definitions: Anti-spyware programs rely on regularly

updated databases of known spyware definitions.

 Browser Protection: Block or warn against malicious websites, phishing

attempts, and unwanted tracking cookies.

 Privacy Protection: protect user privacy by blocking data collection and

tracking by adware and spyware.

 Scheduled Scans: Users can schedule regular scans to ensure that their
systems are continuously checked for spyware.
 factors used in authentication

Username and Password

Username and password authentication is a method of verifying the identity of a
user accessing a digital system. The user provides a unique identifier, called a
username, and a secret, called a password, to gain access. The system then
compares this information with its stored database to verify the user's identity.
A strong password is one that is difficult for others to guess or crack. Here are
some tips for creating strong passwords:
 Use a Mix of Characters:
 Avoid Common Words:
 Longer Is Better:
 Avoid Personal Information:
 Randomness:
 Don't Use the Same Password Everywhere:
 Use a Password Manager:
 Change Passwords Regularly
 Enable Two-Factor Authentication (2FA): Whenever possible, enable
2FA for your online accounts. It adds an extra layer of security by
requiring a second verification step, such as a text message or
authentication app.
Activity 5.4
Biometrics
Is the identification of a person by the measurement of their biological features.
Types of biometric devices
This data is known as a biometric identifier, a physical, chemical, or
behavioural characteristic.
 Face scanner - Biometric face scanners identify a person by taking
measurements of a person's face. For example, the distance between the
person's chin, eyes (interpupillary distance), nose, and mouth. These
scanners can be very secure, assuming they're smart enough to distinguish
between a picture of a person and a real person. See our facial recognition
page for further information on this term.

 Hand scanner - Like your fingerprint, the palm of your hand is also
unique to you. A biometric hand scanner or hand geometry system
identifies the person by the palm of their hand.

 Finger scanner - A finger scanner identifies the person by their

fingerprint. These are a secure method of identifying a person.

 Retina scanner or iris scanner - A biometric retina or iris scanner

identifies a person by scanning the iris or retina of their eyes. These
scanners are a more secure biometric authentication schemes because
there's no known way to duplicate the retina or iris.

 Signature verification system - System that recognizes the shape of your

handwritten signature as a form of identification.

 Vein recognition - A biometric scan of a person's veins in the user's finger

or palm. See our vein recognition page for further information.

 Voice scanner – A voice analysis scanner or voice verification system

mathematically break down a person's voice to identify them. These
scanners help improve security.
Table 5.3 (Comparison of biometric devices)