Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Learn Social Engineering
  • Toc
  • feedback
Learn Social Engineering

Learn Social Engineering

4.8 (8)
close
Learn Social Engineering

Learn Social Engineering

4.8 (8)

Overview of this book

This book will provide you with a holistic understanding of social engineering. It will help you to avoid and combat social engineering attacks by giving you a detailed insight into how a social engineer operates. Learn Social Engineering starts by giving you a grounding in the different types of social engineering attacks,and the damages they cause. It then sets up the lab environment to use different toolS and then perform social engineering steps such as information gathering. The book covers topics from baiting, phishing, and spear phishing, to pretexting and scareware. By the end of the book, you will be in a position to protect yourself and your systems from social engineering threats and attacks. All in all, the book covers social engineering from A to Z , along with excerpts from many world wide known security experts.
Table of Contents (16 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Disclaimer
Free Chapter
1
Introduction to Social Engineering
chevron up
Introduction to Social Engineering
Overview of social engineering
Applications of social engineering
The social engineering framework
Social engineering examples from Hollywood
Tips
Summary
2
The Psychology of Social Engineering – Mind Tricks Used
The Psychology of Social Engineering – Mind Tricks Used
Introduction
Modes of thinking
Microexpressions
NLP
Human buffer overflow
Tips
Summary
3
Influence and Persuasion
Influence and Persuasion
Introduction
Five fundamental aspects of persuasion
Setting up the environment
Reality alteration (framing)
Manipulation
Summary
4
Information Gathering
Information Gathering
Introduction
Gathering information about targets
Tips
Summary
5
Targeting and Recon
Targeting and Recon
Introduction
Banks
Old organizations
Organizational employees
Elderly people
Well-wishers
Tips
Summary
6
Elicitation
Elicitation
Introduction
Getting into conversations with strangers
Preloading
Avoiding elicitation
Learning the skill of elicitation
Tips
Summary
7
Pretexting
Pretexting
Introduction
Principles and planning of pretexting
Google hacking
Successful pretexting
Legal concerns of pretexting
Tools to enhance pretexts
Tips
Summary
8
Social Engineering Tools
Social Engineering Tools
The tools for social engineering
Tips
Summary
9
Prevention and Mitigation
Prevention and Mitigation
Learning to identify social engineering attacks
Mitigating social engineering attacks
Summary
10
Case Studies of Social Engineering
Case Studies of Social Engineering
What is social engineering?
Case studies of social engineering
Social engineering case study - Keepnet labs phishing simulation
Tips
Summary
11
Ask the Experts – Part 1
Ask the Experts – Part 1
Troy Hunt
Jonathan C. Trull
Marcus Murray and Hasain Alshakarti
Emre Tinaztepe
Milad Aslaner
12
Ask the Experts – Part 2
Ask the Experts – Part 2
Paula Januszkiewicz
Şükrü Durmaz and Raif Sarıca
Andy Malone
Chris Jackson
Daniel Weis
13
Ask the Experts – Part 3
Ask the Experts – Part 3
Raymond P.L. Comvalius
George Dobrea
Dr. Mitko Bogdansoki
Ozan Ucar and Orhan Sari
Sami Lahio
14
Ask the Experts – Part 4
Ask the Experts – Part 4
Oguzhan Filizlibay
Yalkin Demirkaya
Leyla Aliyeva
Aryeh Goretsky
Dr. Islam, MD Rafiqul, and Dr. Erdal Ozkaya
15
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Tips

Consider the tips as follows:

  • There is no patch for human stupidity or, in other words, there is always a way to manipulate humans (as you will read about in this book). As a result, you or your employees are the most difficult and the biggest resource that you have to protect.
  • Conduct a user awareness session often. There is always room for improvement in any social engineering training.
  • Do not share anything sensitive with anyone. Keep in mind, once a secret is known by two people, it's not a secret anymore.
  • If you are not sure about anything, proceed with caution.
  • Ensure physical security.
  • Classify information against dumpster-diving attacks. Even big corporations used this kind of attack in the past.
  • Keep in mind, based on ISACA in 2016, social engineering was, at 52%, the top cyber threat facing organizations. Regardless of when you are reading this section, social engineering will be still one of most dangerous attack types
Refer to www.isaca.org/cyber/PublishingImages/ISACA_CSX_Facts_2016-2-L.jpg for the top three cyber threats facing organizations in 2016.
End of Section 6
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete