1
00:00:01,810 --> 00:00:09,050
Welcome to the module devoted to social engineering and fake programs in this part we will analyze a

2
00:00:09,050 --> 00:00:15,140
very interesting example of a massive scale social engineering attack which was actually conducted a

3
00:00:15,140 --> 00:00:16,230
few years ago.

4
00:00:17,530 --> 00:00:21,430
The attack used programs which seemed to do something other than they actually did.

5
00:00:24,520 --> 00:00:32,470
Let's start by defining the term social engineering.

6
00:00:32,500 --> 00:00:37,450
It describes a body of methods used to convince a person to do something they normally wouldn't do.

7
00:00:39,100 --> 00:00:46,450
This is an attack aimed at the mass user most technological solutions don't provide protection against

8
00:00:46,450 --> 00:00:51,470
social engineering attacks because they are targeted at users and not machines.

9
00:00:53,680 --> 00:00:56,900
Whether the system is up did it or not doesn't matter here.

10
00:00:59,190 --> 00:01:04,670
The end of the attack is to convince the user to reveal their password or to start a malicious program.

11
00:01:06,940 --> 00:01:09,460
The program will work within the user's privileges.

12
00:01:11,200 --> 00:01:13,310
And it will start processes and services.

13
00:01:13,410 --> 00:01:15,560
No matter if the system is updated or not.

14
00:01:18,870 --> 00:01:21,410
Why do we fall for social engineering attacks.

15
00:01:23,510 --> 00:01:25,990
Please have a look at the picture you see in the slide.

16
00:01:27,940 --> 00:01:33,600
What can you say about the person you see well he's definitely fit.

17
00:01:33,600 --> 00:01:37,850
But as is his judgment of risk sound.

18
00:01:38,040 --> 00:01:42,750
Can you properly assess the risk in an extreme situation.

19
00:01:42,750 --> 00:01:49,520
Probably not in these situations we're not able to properly assess the risk.

20
00:01:49,520 --> 00:01:51,860
This doesn't apply to operating systems only

21
00:01:55,190 --> 00:02:01,870
if a person tries to wrangle some money out of an elderly lady by pretending to be her long lost grandson.

22
00:02:01,880 --> 00:02:04,790
This is also a social engineering attack of sorts.

23
00:02:06,460 --> 00:02:11,350
We fall prey to such attacks because we underestimate the risk connected with well-known situations

24
00:02:12,220 --> 00:02:14,440
such as those that happen at home or at work.

25
00:02:18,090 --> 00:02:20,550
Because we feel safe in that kind of environment.

26
00:02:21,510 --> 00:02:27,090
We also feel safe about everything that is part of that environment even if it's new and a typical

27
00:02:30,100 --> 00:02:35,250
people have a tendency to react conventionally even to unconventional situations.

28
00:02:37,240 --> 00:02:42,990
If we don't know what to do we either ignore the threat or try to eliminate it at the lowest cost possible.

29
00:02:44,850 --> 00:02:48,780
For example by giving in to the attacker so that he stopped nagging

30
00:02:53,190 --> 00:02:58,390
we trust computer systems and computer applications too much.

31
00:02:58,520 --> 00:03:05,940
If we recognize our superiors name in the email header We very rarely question the e-mails authenticity.

32
00:03:06,030 --> 00:03:13,140
We have to be aware however the emails are sent by programs not people.

33
00:03:13,370 --> 00:03:18,710
Whether or not a social engineering attack is successful depends largely on how much information about

34
00:03:18,710 --> 00:03:21,090
the target the attacker manages to obtain.

35
00:03:23,060 --> 00:03:29,850
Many people have changed their attitude towards security recently obtaining that information is no longer

36
00:03:29,850 --> 00:03:30,720
a problem.

37
00:03:31,830 --> 00:03:38,240
It can be done at low cost remotely and almost fully automatically.

38
00:03:38,250 --> 00:03:41,650
That's why social engineering attacks are getting more and more widespread.

39
00:03:43,900 --> 00:03:48,130
We'll have a chance to try out one of the methods for the attack in the practical part of this module

40
00:03:50,360 --> 00:03:56,520
and social engineer dotcom will be able to track the operation from the perspective of the attacker

41
00:03:58,040 --> 00:04:01,460
social engineering attacks are so effective for one more reason.

42
00:04:02,480 --> 00:04:06,550
They are cheaper and easier to conduct than attacks targeted at operating systems

43
00:04:09,360 --> 00:04:11,080
from the attackers perspective.

44
00:04:11,190 --> 00:04:14,790
It's more efficient to attack users as the weakest point of the security.