Topic 4 - Social Engineering

Social engineering is considered an intentional threat. It is a term used among hackers for cracking techniques that rely on weakness in human nature rather than software. The goal is to trick people into revealing passwords and other information that can be used to compromise the security of their systems. Learn more about social engineering and what you can do below.

Example of Social Engineering

Acting as a field service technician or fellow employee with an urgent access problem, the caller attempts to have employees reveal passwords or other sensitive information like operating systems, logon IDs, server names, or application names.

Social Engineering Prevention Tips

You can play a vital role in preventing social engineering. Take a moment to review these tips, and remember, ask your Information Systems Security Officer if you need additional guidance.

Ask your Information Systems Security Officer (ISSO) for more guidance.

What Can I Do

What should you do if you receive a call that you believe is from an unauthorized person? Here are some suggestions that may help you deal with such a situation and avoid security breaches.

REMINDER!

Each organization has guidelines defining user security responsibilities. Ask your supervisor or ISSO for a copy of your organization’s guidelines. Remember, all incidents must be reported to your supervisor or ISSO.


Back | Next

Module 2

Main Menu

Resources