logo

Social Engineering Security Awareness Program Discussion 2022

   

Added on  2022-09-26

3 Pages860 Words20 Views
 | 
 | 
 | 
Social engineering security awareness program
JOE: Sales office- Logs in into his computer and as the norm he starts by opening his mail to
check if there is any client requests, new client message, or any order requested by any client.
Receives a spam mail with header “ORDERS THAT YOU NEED TO WORK ON”
JOE: Hey Joe! (He gets more eager to know and smiling as his commission for the month will
be higher than other months). (To himself). The company CEO!! He will assist me with clients!!
This is awesome.
SCREEN: Joe opens the spam email from the said CEO. Scrolling down the spam email. It starts
by asking him to reconfirm his details to verify that there are true details. He then clicks a link
that takes him to the site (Similar to a system he uses within the organization works for). Joe
starts to enter his username and password (Details he uses to login to the company system).
JOE: Happy: (A message is sent back to him; I will submit customer details within 30 minutes)
SYSTEM: SOCIAL ENGINEER ATTACKER- key-logger details submitted from target system
IP address 192.168.1.100 (http://www.jimjamsalescompany.com)
SYSTEM- SOCIAL ENGINEER ATTACKER- Yes! I now have full access to Jim Jam
company sales team, clients’ details, and all the organization employees. Wah!!! They even
contact their customers via the system by sending them texted messages.
SYSTEM –SOCIAL ENGINEER ATTACKER – To herself (I do not have administrators logins
some of the functionalities are disabled, I need to use Nmap to get server details and then install
key-logger to have admin details)
Social Engineering Security Awareness Program Discussion 2022_1

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents