Social engineering is the ultimate con - the bag of tricks employed by fraudsters who will lie, cheat and steal their way past your organization's security controls. Their goals: theft, fraud or espionage. Your best line of defense: Your people.
Fraud incidents are on the rise - especially in financial services and healthcare - and many of these crimes result from social engineers pulling off deception in person, via the telephone and through popular social networking sites.
Register for this webinar to hear directly from a former FBI Special Agent:
What Social Engineering is;
The Latest Scams;
Why Social Engineering Is So Effective;
Steps to Take to Prevent "Being Socialed."
The presenter, E.J. Hilbert, is a former FBI Special Agent specializing in international hacking, carding and fraud teams. He has trained law enforcement representatives throughout the U.S., Canada, the United Kingdom, Belarus, Russia and the Ukraine.
Despite all the media hype about hackers and viruses, the greatest threats to an organization's information security are the employees of the company. They're the ones who too often, too willingly, fall victim to Social Engineering ploys and open the doors wide to slick-tongued fraudsters.
When an intruder targets an organization for attack, be it for theft, fraud, economic espionage, or any other reason, the first step is reconnaissance. They need to know their target. The easiest way to conduct this task is by gleaning information from those that know the company best. Their information gathering can range from simple phone calls to dumpster diving. It is not beyond an attacker to use everything at their disposal to gain information. Much like the telemarketer badgers the elderly couple into investing in fraudulent stock, a social engineer uses all the tricks in the book to obtain the goal.
Being cognizant of these types of attacks, educating your employees about the methodologies of the attacks, and having a plan in place to mitigate them are essential to surviving these manipulations.
This presentation focuses on the core issues of social engineering's methodologies, effectiveness and prevention - as well as how to test the effectiveness of your training efforts. These core components include:
Identifying the many forms in which the attack may occur;
Understanding the intention of the attack;
Educating the potential victims;
Creating a policy to minimize the impact of the attack;
Testing employees' abilities to sniff out social engineering scams;
Managing a program to ensure that ongoing reviews and updates are in place;
Regular testing to ensure the effectiveness of your training initiatives.
You will understand social engineering methodologies, why it is the most effective tool in attacking a company and why so many people fall victim. You will also learn how the importance of effective corporate communication and incident response planning can prevent attacks from occurring in the first place. You will discover new ways to test the effectiveness of your awareness efforts. And finally you will learn what to do "next" after the attack has occurred. Can you put the genie back in the bottle? Yes, if you know where the genie is likely to go next.
Remember, everyone is susceptible to "being socialed."
Former FBI Special Agent; Director - Cyber Risk Assurance, PwC
E.J. Hilbert is a former FBI Special Agent specializing in international hacking, carding and fraud teams. He has trained law enforcement representatives throughout the U.S., Canada, the United Kingdom, Belarus, Russia and the Ukraine.
E.J. served as the agent in charge of the investigations into the intrusions of over 300 financial institutions, two major telecoms and multiple U.S. government agencies. He served on the first joint Russian-U.S. Criminal Working Group.
E.J. spent the final years with the FBI chasing Al Qaeda via their online communications networks, eventually bringing Treason charges against the American Al Qaeda spokesman Adam Gadahn.