37,666 research outputs found
The Design and Evaluation of an Interactive Social Engineering Training Programme
Social engineering is a major issue affecting organisational security. Educating employees on
how to avoid social engineering attacks is important because social engineering tries to
penetrate an organisation by using employees to grant authorized access to sensitive
information. While there are a number of theoretical studies about social engineering, a few
practical studies have moved towards educating and training employees on how to spot such
attacks. In this research, we emphasise the importance of educating employees to make them
more resilient to these kinds of attacks.
We developed an educational video encapsulated within a Social Engineering Training
Programme. This is essentially an interactive training video during which the learner interacts
with three different scenarios; educational content, a knowledge-check, and a web page
containing the latest news about current social engineering attacks.
The training programme was evaluated in a Saudi trading company with 24 employees. The
evaluation showed that the programme delivered a positive impact in terms of awareness, as
tested by a post-training qui
Analisis Penyerangan Social Engineering
In the era of Information where the Information itself has became one of valuable asset for an organization so, an organization will tried to protect the information that they have. But, even the thickest wall of security can fall if the people inside the security wall make mistake that leads to security hole. This kind of mistake usually can be exploit by hacker using Social Engineering. This research is trying to explore this type of attack by analyzing, gathering literature, and finding similar incident that already happen before, to give other people information about Social Engineering and the threat that this type of attack can pose. The result of this research will be recommendation that can be used to protect the company's information from the threat that comes from Social Engineering
Social engineering and crime prevention in cyberspace
This paper highlights methods of syntactic and semantic social engineering attacks (human-based and computer-based) that are currently prevalent in the cyber community. It will also present the emerging trends in high-tech crime; and, the likely future direction cyber-crime will take with respect to social engineering
Antisipasi Dampak Social Engineering pada Bisnis Perbankan
Perkembangan teknologi informasi membuat institusi perbankan mengubah strategi bisnis dengan menempatkan teknologi sebagai unsur utama dalam proses inovasi produk dan jasa. Kecanggihan teknologi yang diterapkan oleh institusi perbankan telah diakui mampu menangkal potensi kejahatan perbankan yang dilakukan oleh hacker. Menyadari semakin canggihnya perlindungan sistem perbankan, hacker tidak hanya beroperasi di Balik komputer untuk menyerang targetnya, mereka juga menghampiri targetnya secara langsung untuk mendapatkan informasi berharga yang mereka butuhkan sehingga dapat mengakses sistem yang terlindungi oleh benteng keamanan dan membuat penanganan keamanan apapun menjadi tidak berguna, cara seperti inilah yang biasa disebut sebagai Social Engineering. Dalam social engineering, si pelaku memanfaatkan sifat alamiah dari manusia. Hal ini diartikan bahwa betapa sifat alami manusia dapat diketahui dan dipelajari juga dimanfaatkan untuk tujuan tertentu. Kejahatan social engineering sangat membahayakan bisnis perbankan karena berpotensi menimbulkan kerugian finansial, reputasi dan hukum bagi bank dan nasabahnya melalui serangan fisik dan serangan psikologis. Untuk mengurangi resiko tersebut, bank perlu untuk melatih dan mendidik staf mereka mengenai ancaman keamanan dan bagaimana caranya mengenali dan mengantisipasi serangan Social Engineering. Untuk mencegah dampak social engineering pada bisnis perbankan diperlukan langkah antisipatif melalui mencegah kebocoran password, keamanan akses informasi, verifikasi kontak, mengikuti prosedur, pelaporan tindakan mencurigakan, menjaga emosi, pelatihan berkelanjutan dan memberikan edukasi kepada nasaba
A New Role for Human Resource Managers: Social Engineering Defense
[Excerpt] The general risk of social engineering attacks to organizations has increased with the rise of digital computing and communications, while for an attacker the risk has decreased. In order to counter the increased risk, organizations should recognize that human resources (HR) professionals have just as much responsibility and capability in preventing this risk as information technology (IT) professionals.
Part I of this paper begins by defining social engineering in context and with a brief history pre-digital age attacks. It concludes by showing the intersection of HR and IT through examples of operational attack vectors. In part II, the discussion moves to a series of measures that can be taken to help prevent social engineering attacks
Case Study On Social Engineering Techniques for Persuasion
There are plenty of security software in market; each claiming the best,
still we daily face problem of viruses and other malicious activities. If we
know the basic working principal of such malware then we can very easily
prevent most of them even without security software. Hackers and crackers are
experts in psychology to manipulate people into giving them access or the
information necessary to get access. This paper discusses the inner working of
such attacks. Case study of Spyware is provided. In this case study, we got
100% success using social engineering techniques for deception on Linux
operating system, which is considered as the most secure operating system. Few
basic principal of defend, for the individual as well as for the organization,
are discussed here, which will prevent most of such attack if followed.Comment: 7 Page
Action research and democracy
This contribution explores the relationship between research and learning democracy. Action research is seen as being compatible with the orientation of educational and social work research towards social justice and democracy. Nevertheless, the history of action research is characterized by a tension between democracy and social engineering. In the social-engineering approach, action research is conceptualized as a process of innovation aimed at a specific Bildungsideal. In a democratic approach action research is seen as research based on cooperation between research and practice. However, the notion of democratic action research as opposed to social engineering action research needs to be theorized. So called democratic action research involving the implementation by the researcher of democracy as a model and as a preset goal, reduces cooperation and participation into instruments to reach this goal, and becomes a type of social engineering in itself. We argue that the relationship between action research and democracy is in the acknowledgment of the political dimension of participation: ‘a democratic relationship in which both sides exercise power and shared control over decision-making as well as interpretation’. This implies an open research design and methodology able to understand democracy as a learning process and an ongoing experiment
- …