Social Engineering: Defending Against Human-Based Deception

Author(s): Gareth Doherty

Human-based deception is using direct interactions with key individuals in an organization to manipulate them into providing the desired information. The main type of attack makes use of impersonation. Many of the tactics listed below (e.g. trust, diffusion, and moral duty) are used with impersonation to gain information.

Tags

security, audit, e-mail, help desk, spam, IT security, phishing, Security Policy, data classification, Security Management, trojan, hacker, data leakage, network security, Social engineering, social, trust, hacking, security training, Engineering, security awareness, manipulation, human firewall, dumpster diving, deception, social engineering cycle, security education, security audit, forensic analysis, mail-out, callback, callback policy, security log

Related Content: Security

Thought model representing Building an Enterprise IT Security Training Program

Building an Enterprise IT Security Training Program
Thought model representing IT Security Training Tool

IT Security Training Tool
Thought model representing Establishing Training Parameters Template

Establishing Training Parameters Template
Thought model representing Information Security Awareness and Training Content Development Tool

Information Security Awareness and Training Content Development Tool
Thought model representing Information Security Awareness and Training Appropriateness Tool

Information Security Awareness and Training Appropriateness Tool
© Info-Tech Research Group | Terms of Use | Privacy Policy