Security Awareness
1
Facts about Social Engineering
1 in every 99 emails is a phishing attack. In other words, 4.8 emails per employee in a typical
five-day work week are phishing emails.
43% of IT Professionals say they have been targeted by social engineering in the last year.
45% of employees click emails they consider to be suspicious “just in case it’s important”.
45% of employees don’t report suspicious messages out of fear of getting in trouble.
2
Social Engineering
What are common social engineering attacks a company will be subject to?
Phishing
Spear Phishing
Vishing
Whaling
Scareware
3
How to know if you are being socially engineered
4
Phishing
5
Email (Phishing/Whaling)
6
Quiz Time
7
Quiz Time – Answer
8
Phone Call (Vishing)
Scam calls, or calls from someone pretending to be from your financial institution, for example:
9
Scareware
10
Scareware attempt
11
Quid Pro Quo
12
Scratch my back, I’ll scratch yours
13
How do we protect ourselves?
14
How to mitigate a successful attempt
CALL the user from a known number if you suspect a phishing attempt.
15
Current Safeguards
IP Block Lists
Blocked Domains
Anti-impersonation list
Anti-Virus software
16
What to do with your social engineering attempt
Save the entire email and put it in a ticket to notify your IT Department.
17
Action to take if you are phished
18
You are the first line of defense with social engineering attempts.
19