Data Security Awareness Training

Social Engineering


“Social engineering” is a term that describes how hackers and fraudsters trick people into divulging confidential information or into performing actions that enable unauthorized access into a computer network.

Hacker PNG 02About 90% of malware requires a human interaction to infect.  Hackers often succeed not because of their technical wizardry; they succeed because they are good con artists and trick people. Data security is only partly technical – it’s a human behavior issue.

There are many social engineering techniques that criminals use.  Some of the most common ones include:

Phishing — fraudulently obtaining sensitive data through by tricking people into providing the data, clicking on a link to a malicious website, or opening an email attachment with malware.

Spear Phishing — phishing using personal information, which is much more effective in tricking people.

Vishing — phishing via the use of the telephone.

Baiting — leaving something lying around (often a USB or thumb drive) that people might pick up and plug into a computer out of curiosity; the device will then infect the computer with malware.

Pretexting — making a phone call pretending to be someone else to trick a person into revealing data.

The best way to combat social engineering is to educate people about how not to be fooled.  Information security awareness training is essential.  Everyone in the workforce needs to be aware of the kinds of tricks fraudsters use and how to spot suspicious emails, attachments, links, or phone calls.  All it takes is one person to make one wrong click . . . and there’s a data breach!  The more people who are cautious and wise, the lower the risk.

Our Awareness and Training Courses

Social Engineering Training

Data Security Training Social Engineering This course is designed to raise awareness about social engineering.The video (~4 minutes) discusses social engineering — the tricks hackers use to fool people into helping them gain access into a computer network.  Common social engineering techniques are covered, such as baiting, pretexting, phishing, and spear phishing.  The interactive quiz (~1.5 minutes) tests on and reinforces the lessons in the video.
Data Security Training Avoiding Phishers Hackers and Social Engineers This information security training course (~15 minutes) teaches how to avoid being victimized by phishing attacks, hacker tricks, and social engineering. The course covers the various techniques of social engineering (such as phishing, baiting, and pretexting), common phishing techniques, the types of threats contained in email, and the dangers from visiting websites or downloading software.
Data Security Training Spies and Sabotage This information security training course (~7 minutes) provides a general introduction to social engineering. After discussing several types of social engineering (phishing, baiting, pretexting, and tailgaiting), the course provides advice for avoiding these tricks and scams.

Phishing Training

Data Security Training - Phishing This course is designed to raise awareness about phishing and inform trainees about the dangers. It teaches the warning signs to help trainees better spot phishing attempts, and it explains what people should do if they have any suspicions about an email or phone call. Length:
Extended Version ~12 mins
Condensed Version ~6 mins

Phishing 01

The full-length course is divided into three parts:

Discusses the dangers and types of phishing, including spear phishing and vishing (phishing via phone).

Discusses the various warning signs to look out for.

Discusses what people should do when they have questions or suspicions.

The Thumb Drive Discovery

Security Awareness Training Vignette Thumb Drive Discovery The interactive cartoon (~3 minutes) has trainees engage with a scenario involving what to do when finding an unknown USB drive. It uses humor and is highly interactive and memorable.

The Thumb Drive Discovery

The Email from the IT Department

Security Training Vignette Email IT Department 02 This interactive cartoon (~2 minutes) has trainees engage with a scenario involving what to do when receiving a potential phishing email purporting to come from the IT Department.

Email from IT Department

Click here for a listing of all our data security courses

Click here for our catalog

Please Contact Us to Evaluate this Program or Others

We can provide you with a login so you can evaluate the programs.

    First Name

    Last Name




    Phone No.


    Please tell us about your training needs

    Professor Solove’s newsletter covers his latest writings, events, and training. It is sent weekly.
    You can unsubscribe at any time. Click to see a sample issue.
    Would you be interested in subscribing?
    YesNoAlready Subscribed

    About TeachPrivacy and Our Training Philosophy

    Daniel Solove Privacy Awareness Training TeachPrivacy was founded by Professor Daniel J. Solove, the leading expert on privacy and data security law. He is deeply involved in the creation of all training programs because he believes that training works best when made by subject-matter experts and by people with extensive teaching experience.

    According to Professor Solove: “Great training isn’t about slickness or tricks. It is about teaching. The goal is to make people understand, care, and remember. Great training is made with genuine passion – to make people love training, it must be made with love. Excellent substance is essential. The material must be explained clearly, understandably, and concretely. The content must be short and to the point – and it must be engaging. Slickness and gimmicks can’t compensate for lackluster substance.”

    TeachPrivacy provides privacy awareness training, information security awareness training, phishing training, HIPAA training, FERPA training, PCI training, as well as training on many other privacy and security topics.

    Professor Solove is a law professor at George Washington University Law School. He has taught privacy law every year since 2000, has published 10 books and more than 50 articles, including the leading textbook on information privacy law and a short guidebook on the subject. His LinkedIn blog has more than 1 million followers. Click here for more information about Professor Solove.