1. Social engineering, in the context of information security, refers to ….
2. You could think of social engineering as a type of confidence trick for the purpose of information gathering, fraud, or system access.
3. The attacks used in social engineering can be used to steal employees' confidential information. One common type of social engineering …
4. Another example of social engineering is criminals posing as exterminators, fire marshals and technicians to go unnoticed and…
5. A hacker contacts a person via Facebook, gains their trust and is given their bank details. Which statement is most accurate?
6. Social engineering relies heavily on the 6 principles of influence established by Robert Cialdini. Fill in the first blank.
#1 ______________ – People tend to return a favor, thus the pervasiveness of free samples in marketing.
#2 Commitment and consistency – If people commit, orally or in writing, to an idea or goal, they are more likely to honor that commitment because of establishing that idea or goal as being congruent with their self-image. Even if the original incentive or motivation is removed after they have already agreed, they will continue to honor the agreement. Cialdini notes Chinese brainwashing of American prisoners of war to rewrite their self-image and gain automatic unenforced compliance. Other examples are children being made to repeat the Pledge of Allegiance each morning, and marketers making you close popups by saying "I'll sign up later" or "No thanks, I prefer not making money".
#3 Social proof – People will do things that they see other people are doing. For example, in one experiment, one or more confederates would look up into the sky; bystanders would then look up into the sky to see what they were seeing. At one point this experiment was aborted, as so many people were looking up that they stopped traffic. See conformity, and the Asch conformity experiments.
#4 Authority – People will tend to obey authority figures, even if they are asked to perform objectionable acts. Cialdini cites incidents such as the Milgram experiments in the early 1960s and the My Lai massacre.
#5 Liking – People are easily persuaded by other people that they like. Cialdini cites the marketing of Tupperware in what might now be called viral marketing. People were more likely to buy if they liked the person selling it to them. Some of the many biases favoring more attractive people are discussed. See physical attractiveness stereotype.
#6 Scarcity – Perceived scarcity will generate demand. For example, saying offers are available for a "limited time only" encourages sales.
Retribution
Retention
Reciprocity
Retarded
7. Which of the following are also forms of social engineering?
8. An example of blagging is a hacker calling a company and pretending to be their network manager.
9. Receiving a phone call explaining that you have won a prize but need to deposit money in order to claim it is an example of:
10. Phishing emails look to obtain passwords or bank details. The hacker may send a …
11. A way of ensuring that you are not fooled by a phishing email is to:
12. Pharming is terrifying because the email can be legitimate but clicking on the link takes you to a hacker's website. How?
13. ____________ is when the perpetrator obtains information while watching you use the device they want access to.
14. Baiting is like the real-world Trojan horse that uses physical media and relies on the _____________ of the victim
15. Organisations can reduce their security risks by: