SOCIAL ENGINEERING IN SOCIAL NETWORKING SITES: HOW GOOD BECOMES EVIL

Social Engineering (ES) is now considered the great security threat to people and organizations. Ever since the existence of human beings, fraudulent and deceptive people have used social engineering tricks and tactics to trick victims into obeying them. There are a number of social engineering techniques that are used in information technology to compromise security defences and attack people or organizations such as phishing, identity theft, spamming, impersonation, and spaying. Recently, researchers have suggested that social networking sites (SNSs) are the most common source and best breeding grounds for exploiting the vulnerabilities of people and launching a variety of social engineering based attacks. However, the literature shows a lack of information about what types of social engineering threats exist on SNSs. This study is part of a project that attempts to predict a persons’ vulnerability to SE based on demographic factors. In this paper, we demonstrate the different types of social engineering based attacks that exist on SNSs, the purposes of these attacks, reasons why people fell (or did not fall) for these attacks, based on users’ opinions. A qualitative questionnaire-based survey was conducted to collect and analyse people’s experiences with social engineering tricks, deceptions, or attacks on SNSs

テレビ カイギ システム オ カツヨウ シタ ゲンショク キョウイン ケンシュウ ノ コウチク

鳴門教育大学は，「学び続ける教員」を支援し，地域の教育課題に対応するため，徳島県教育委員会並びに阿南市教育委員会，美馬市教育委員会と協力し，テレビ会議システムICTを利用した研修室）による教員研修を開始した。その結果，テレビ会議システムによる研修は，地理的環境や小規模校ゆえに研修参加・実施が困難な教員の研修を活性化し，教員が児童生徒と向き合う時間を確保しながら，研修の充実を図ることにもつながることが示された。さらに，校内研修や教育相談，各教科等の部会など既存の研修にテレビ会議システムを活用することにより，教科指導や生徒理解に関する専門的知見を得られたり，喫緊の教育課題についても即時的にアドバイスを受けたりすることができるなど，教員の資質向上を図る上で効果的であることが明らかになった。また，公開講座の配信によって，地域の社会教育の発展と充実に資する人材育成を図ることが可能になるなど，学校を支える地域の人材活用の推進にも資することが今後期待される。Naruto University of Education，in collaboration with Tokushima Prefectural Board of Education, Anan City Board of Education, Mima City Board of Education, has started teacher training with the Teleconference System (Training room using ICT) to support teachers who continue to learn and to cope with local education issues. As a result, training with the Teleconference System has been shown to revitalize the training of teachers who find it difficult to participate in training and implementation due to the geographical environment and small scale of schools, and it has shown that teachers can improve their training while securing the time to face the students. Furthermore, utilizing the Teleconference system for existing training, such as in-school training, educational counseling, and subject group meetings, teachers can utilize professional knowledge on subject guidance and student understanding, and can receive immediate advice on urgent issues. It has become clear that satellite training is effective for improving the abilities of teachers. Also, it is expected that it will contribute to the promotion and utilization of regional human resources supporting the school, such as being able to foster human resource that will contribute to the development and enhancement of local social education through delivery of open lectures

Toward understanding social engineering

There is no doubt that social engineering plays a vital role in compromising most security defenses, and in attacks on people, organizations, companies, or even governments. It is the art of deceiving and tricking people to reveal critical information or to perform an action that benefits the attacker in some way. Fraudulent and deceptive people have been using social engineering traps and tactics using information technology such as e-mails, social networks, web sites, and applications to trick victims into obeying them, accepting threats, and falling victim to various crimes and attacks such as phishing, sexual abuse, financial abuse, identity theft, impersonation, physical crime, and many other forms of attack. Although organizations, researchers, practitioners, and lawyers recognize the severe risk of social engineering-based threats, there is a severe lack of understanding and controlling of such threats. One side of the problem is perhaps the unclear concept of social engineering as well as the complexity of understand human behaviors in behaving toward, approaching, accepting, and failing to recognize threats or the deception behind them. The aim of this paper is to explain the definition of social engineering based on the related theories of the many related disciplines such as psychology, sociology, information technology, marketing, and behaviourism. We hope, by this work, to help researchers, practitioners, lawyers, and other decision makers to get a fuller picture of social engineering and, therefore, to open new directions of collaboration toward detecting and controlling it