Professional Documents
Culture Documents
Social Engineering Case Study
Social Engineering Case Study
Technologies
Titus Williams
Alexander Bejarano
Axyle Belveal
Elise Cloonan
Ella Nguyen
OVERVIEW
• Introduction
• Social Engineering
Methods
• Prevention
Introduction to Social
Engineering
• Organizational Impact: "The FBI highlights significant harm from social engineering
attacks on the elderly, affecting both victims and their caregivers." (Source: "FBI
Springfield Warns of the Devastating Outcome of Elder Fraud")
• Prevention Pathways: "The FBI emphasizes the importance of recognizing scams, being
cautious with communication, and keeping security software up-to-date." (Source: "Elder
Fraud: If a Former FBI/CIA Director Can Be Targeted, So Can You")
• Our Collective Role: "Stressing the FBI's focus on both investigating and preventing elder
fraud, and the necessity for community awareness and education." (Source: "FBI
Springfield Warns of the Devastating Outcome of Elder Fraud")
Social Engineering
Methods
Methods: Exploiting Human Behavior
• Phishing – In 2022, Phishing is the top crime type according to the FBI
• Email phishing – creates a believable email that contain malicious links
• Vishing – phone calls aimed towards exposing personal information
• Spear Phishing – targets departments of business, tailored approach
• Pretexting – often used in many other attacks
• Creating a fake identity to gain trust
• Building a believable backstory
• Scareware
• Social Engineering tactic that aims to scare or influence people to install
malicious software – usually disguised as a cybersecurity solution
Social Engineering Examples
Tech Support Scam –
Romance Scam – attacker Grandparent Scam – uses
scammers impersonate
preys on loneliness fear
well-known companies
• "In 2021, the IC3 received • In 2021, reports indicate • Fraudster claim a
reports from 24,299 that people over the age victim's grandchild is in
victims who experienced of 60 lost $1.68 billion danger or even claim to
more than $956 million in • Claim to work for tech be the grandchild – ask
losses to Romance support to alleviate for sums of money to
scams." comprised systems or "save them"
• 48% percent of reports malware
came from people over • Originate in Southern Asia
the age of 50
• Originate in West Africa
• Business interruption
+ Computer system is infected causing downtime, financial loses, and
reducing productivity.
• Legal liability
+ Business is binding to legal obligation to customers' data.
=> Losing control to internal system and being vulnerable to the external
attackers and competitors will lead to financial burden for the recovery time and
damaging the company reputation.
On the Elderly
• Profitable target to Social Engineering Attack
+ Use the same password for multiple account.
+ Lack of knowledge in technology and cyber awareness.
+ Can be manipulated by fear.
+ Easily give out personal information to phone scam.
+ Potential victim to online dating.
Protecting the Elderly Against
Social Engineering Attacks
By following these strategies and staying vigilant, we can help the elderly protect themselves
against social engineering attacks and navigate the digital world more securely.
Common Protection & Prevention Resources
for the Elderly
Increased Use of Advanced Technology The Shift of Atack Mediums Phycological Social Engineering Attacks
The growing reliance on Artificial Intelligence Transitioning from phishing and Utilizing your personal information to create a
presents a significant risk in terms of social spam calls to targeting through trigger that leads to the disclosure of
social media platforms. confidential data.
engineering security.
The use of
Advanced
Technology
With the advancements in artificial intelligence (AI),
being cautious about who you communicate with
and what information you share online becomes
increasingly important. AI's capability to mimic
someone's voice with a brief sample has been highly
effective and convincing. This technological progress
extends to AI's ability to replicate writing styles,
posing new challenges in digital communication.
Recognizing the person's authenticity on the other
end of a conversation is now more complex. As AI
evolves, distinguishing between genuine and AI-
generated communications will require greater
vigilance.
Shift of Attack
Medium
Social engineering attacks are shifting to using
various online platforms, where people often
share personal data. This abundance of
publicly available information allows attackers
to compile detailed profiles of individuals,
leading to highly personalized and convincing
attacks. The diversity of these platforms,
ranging from social networks to professional
sites, offers attackers multiple avenues to
exploit, making it challenging for users to
identify malicious intents.
Psychological Social
Engineering
Attacks
• Security, Staff Writer at LMG. “2023 MGM Breach: A Wake-up Call for Better Social Engineering Training for Employees.” LMG Security, 17 Oct. 2023,
www.lmgsecurity.com/2023-mgm-breach-a-wake-up-call-for-better-social-engineering-training-for-employees/.