Abstract

This awareness talk is meant to bring attention to social engineering attacks, such as email and phone-based phishing, which continue to be high risk threats against companies of all sizes.

Target Audience

This talk does not build on any pree-xisting experience or knowledge and is therefore suited for anyone with or without IT/Security knowledge.

Details

Social engineering attacks, from mail or phone-based phishing to stolen devices and click baiting continue to be one of the most exploited attack vectors for companies and private persons and are still largely successful due to missing awareness about how these attacks work and how common these are. This talk is meant to give an overview about various social engineering techniques, detail how these attacks are layed out and executed and develop resistance against social engineering attacks.

The simple key messages of this talk:

• Anyone can and will eventually be a target of social engineering.
• Employees are an essential part of a companies security boundary.
• When in doubt, better doubt it.