I am pleased to announce the launch of our new training program, Social Engineering: Spies and Sabotage. This course is a short module (~7 minutes long) that provides a general introduction to social engineering.
After discussing several types of social engineering (phishing, baiting, pretexting, and tailgaiting), the course provides advice for avoiding these tricks and scams. Key points are applied and reinforced with 4 scenario quiz questions.
The course is fast, lively, and very interactive.”Social engineering” is the use of trickery to fool people into divulging confidential information or into facilitating unauthorized access into computers or accounts.
Simply put, humans are easier to hack than machines. Hackers use a set of techniques that people will often fall for. Even the strongest passwords will not provide protection if people are tricked into revealing them.
Roughly 90% of malware requires a human interaction to infect. Much hacking isn’t done through technical wizardry but through trickery. Effective data security depends upon educating people about how to recognize and avoid the cons and tricks fraudsters use.
The module can stand alone as a short awareness piece or be fused with other topics in a longer security awareness training program.
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics.
Professor Solove is the organizer, along with Paul Schwartz of the Privacy + Security Forum (Oct. 21-23 in Washington, DC), an event that aims to bridge the silos between privacy and security.