1 of 21

Computer Science Careers

Outside computing

Average pay

Main Jobs

System Security

Employers

Subject links

Key Skills

Companies are targeted constantly by cyber-attacks, it is your responsibility as an employee (especially when self-employed) to avoid viruses and scams.

£32,000 - £12,000

Threat intelligence
Cyber Security Consultant
Penetration tester

1.MI5

2.HSBC

3.IBM

4.MOD

1.Mathematics

2.Networking

3.Ethics and Law

Understand how to keep your device safe and secure when using the internet.

Further reading - https://www.learnhowtobecome.org/computer-careers/cyber-security/

2 of 21

Cyber Security:

Social engineering

3 of 21

Social engineering

Learning Objective:

To understand the different type of social engineering

Learning outcome:

Explain one way to prevent each type of social engineering.

4 of 21

iCan()

iCan.Explore()

I show an understanding of the topic by briefly describing my understanding

iCan.Enhance()

I show a good technical understanding and am able to show this through detailed description and evaluation of effectiveness.

iCan.Excel()

I can show an excellent technical understanding of the topic and can give factually correct examples and evidence.

5 of 21

Human error

People are usually the weakest point in security systems.

Criminals have engineered methods to take advantage of human error and gullibility.

In 2010 – a total of 35 laptops were lost by GCHQ staff. These devices contained highly sensitive national security data.

6 of 21

Social engineering (concept)

Social Engineering refers to ways psychological manipulation to get people to perform actions or give away information.

Common methods of doing this include:

Blagging
Shouldering
Phishing

7 of 21

Blagging

In general terms blagging refers to obtaining something by persuasion or deception.

This is similar in Computing. The perpetrator invents a scenario designed to play on the victim’s emotions. Therefore, increasing the chance they give out information they wouldn’t normally.

https://www.youtube.com/watch?v=6yGvO-FefUc

8 of 21

Blagging

What measures can be taken to stop these blagging scenarios?

A man in a high vis has came to reception to fix the air con in the server room.
Your bank has phoned a requested you change your password as your account is being hacked.
A hacker is claiming that he has locked you out of all your file unless you pay a ransom.

9 of 21

Shouldering

Hacking can occur through simple data interception

Looking over shoulders when typing in your pin
Accessing a computer that has been left logged in
Finding out somebody's password and using it to access their files.

10 of 21

Shouldering

Where my shoulding occur in your day to day lives?

How can we prevent shouldering?

How can companies prevent shouldering?

11 of 21

Phishing

Phishing attempts to trick the victim into giving away personal details, such as passwords.

This is usually done through emails pretending to be from a trusted source, such as a bank. They will often contains links to replica sites designed to look like the original company’s.

12 of 21

What is wrong with this email?

13 of 21

Fake websites

Phishing emails will try and get you to click on a link to download a virus or to a fake website to steal your details.

See if you can spot what is wrong with the websites on the next slides.

15 of 21

A URL is quick way to check if a site is suspicious or not.

17 of 21

While the URL is correct there are alot of spelling mistake on this page. As paypal is a large company, mistakes like this are unlikely. The web browser or DNS table may have been tampered with.

19 of 21

Any website where you are giving your personal details (especially card details) should be secure.

20 of 21

Phishing emails

What makes contents is required for a good phishing email?

21 of 21