New Training: Social Engineering Attacks and Tools

In this 7-video skill, CBT Nuggets trainer Bob Salmans discusses types of social engineering attacks as well as the tools used to execute them. Watch this new CompTIA training.

Learn CompTIA with one of these courses:

• CompTIA PenTest+ (PT0-001)

• Penetration Testing Tools

This training includes:

• 7 videos

• 53 minutes of training

You’ll learn these topics in this skill:

• Social Engineering Anatomy

• Social Engineering Attacks

• Social Engineering Tools

• Social Engineering Toolkit

• Using WifiPhisher

• Pharming With ShellPhish

• Social Engineering Review

3 Most Common Social Engineering Attacks and How to Prevent Them

Social Engineering attacks are a category of malicious attacks aimed at leveraging human interaction to achieve some malicious intent. The unfortunate reality of data security is that many exploits are facilitated by exploiting human interaction. The reason for this is humans can easily be tricked or manipulated into unintentionally installing malware or ransomware on their computer than a cybercriminal can then use to breach a network.

Three of the most common social engineering attacks are phishing attacks, scareware, and pretexting.

In a phishing attack, cybercriminals will often send an email or social media message to trick a user into clicking a link and inadvertently downloading malicious software on their computer.

In a scareware, cybercriminals will try and trick a user into downloading malicious software by presenting a pop-up that claims that the user has already downloaded malicious software and needs to click on the pop up to remove the malware. In this scenario, the act of clicking on the popup actually initializes the malicious software to gain access to the end user's computer.

In a pretexting attack, a cybercriminal will attempt to impersonate a coworker or IT admin within an organization and request sensitive information such as passwords to be sent to the cybercriminal.