Social Engineering
Unit 9 Summary - Part 2
Identity Theft!
Confidential information:
means secret information, such as: ID, credit card number, bank account, passwords, etc.
​
If a criminal steals your info, they can steal your money or use your credit card to buy expensive stuff, while you have to pay for that.
​
Social Engineering
​
is tricking people into giving away their confidential information.
Scams in real life
Don't install TEAM VIEWER or any other software, don't give anyone access to REMOTE CONTROL your computer.
Types of social engineering:
-
Blagging:
Calling you on the phone, pretending to be your bank/Gojek/Ovo/Dana/ShopeePay/etc., and asking for your private data (password/key, birthday, address, creditcard number, mother's name, etc.)
Sometimes they ask you to approve a transaction, so they can rob your bank account/Gojek/Ovo/Dana/ShopeePay, or use your credit card to withdraw a large amount of money.
​
-
Phising:
Sending fake email that looks like from your bank/Gojek/Ovo/Dana/ShopeePay/etc., asking for your private data (password/key, birthday, address, creditcard number, mother's name, etc.)
Real companies will never ask for your private details like this.
Phone the real company to check if someone there has contacted you.
Don't use the phone number on the e-mail, because that number is also fake.
Sometimes criminals send thousands/millions of fake emails and hope few people will be tricked.
-
​Pharming:
Creating a fake website that looks like your bank/Gojek/Ovo/Dana/ShopeePay/etc., hoping you login, to get your ID and password, so they can use those to steal all of your money.
Check for spelling mistakes, HTTPS and the lock sign.
Pharming is often linked to phishing, the fake email is sent with a fake URL.
​
-
Shouldering:
Just like the name, shouldering means standing at your shoulder to watch you enter your PIN/password.
If a criminal steals or copies your credit card/debit card, they need your PIN/password.
That's why if a person is standing too close, ask them to give you some space.
Block with your other hand, your body, or an object everytime you enter a password.
Oxford AQA IGCSE 2020
13.
Social engineering is the term used for attempting to trick or manipulate somebody into providing confidential information or access to a secure system. Name and describe three social engineering techniques. [6 marks]
Technique 1 ____________________________
__________________________________________________________________________________
​
Technique 2 ____________________________
​
__________________________________________________________________________________
​
Technique 3 ____________________________
​​
__________________________________________________________________________________
Answer:
​
-
Blagging (pretexting):
The act of creating / using an invented scenario to engage a targeted victim.
-
Phishing:
is a technique of fraudulently obtaining private information using email / SMS.
-
Pharming:
is a redirecting a website’s traffic to another site.
-
Shouldering:
is observing a person’s private information over their shoulder; or watching/recording them input/view their private information.
