The Circuit: Social Engineering


This week’s topic for The Circuit is Social Engineering: essentially, exploiting human psychology, or human nature, to gain access to personal data or to break into a property or computer system.

Social Engineering works because we are naturally wired to be helpful and trusting, especially when someone appears to be in authority, in distress, or trustworthy. Hackers and conmen exploit these traits.

In a Senior School assembly a couple of weeks ago Mr Dalton discussed the book Thinking Fast and Slow by Daniel Kahneman. In his book Kahneman discusses two systems that drive the way we think. System 1 is fast, intuitive, and emotional; System 2 is slower, more deliberative, and more logical. Kahneman explores how these systems shape our judgments and decision-making. 

Social Engineers exploit System 1 thinking to make us click on a link, or give out some information without thinking. 


Common Types of Social Engineering Attacks include:

Phishing: This involves sending fraudulent emails or messages that appear to be from reputable sources to trick individuals into revealing personal information, like passwords or credit card numbers, or into opening an infected document.

Pretexting: Here, an attacker creates a fabricated scenario to steal their victim’s personal information, often by phone.

Baiting: Similar to phishing, baiting involves offering something enticing to the victim in exchange for private data.

Tailgating: An unauthorised person physically follows an authorised person into a restricted area or school.
(This closely resembles Shoulder Surfing, where someone gains access to passwords and PINs by “looking over your shoulder”.)

Upper Five Computer Scientists were learning about Phishing Emails last week and were invited to send Mr Bradley their attempt.

This one shows just how easy it would be to click on a link. Notice how hovering over the link shows that the destination address is not where the link appears to point.

Fortunately for me, this only took me to Rick Astley’s Never Gonna Give You Up video on YouTube.

How to Protect Yourself and Your Family:

Be Sceptical: Always verify the identity of the person you are interacting with online, especially if they request sensitive information.

Think Before You Click: Be cautious with links and attachments in emails, especially if they prompt for personal information or have unexpected attachments.

Keep Information Private: Be mindful of the amount of personal information you share online. 

As Mr Stevens said in last week’s article, “The ability to judge when and what to post, when to report, how to report, [and] the confidence to say no” are invaluable skills for you and your children.

As part of our digital citizenship, it’s important to be vigilant and sceptical. Question things that seem out of the ordinary and don’t be afraid to say no to requests for personal or sensitive information. We’re all responsible for protecting not only ourselves but also our community from these increasingly common threats.

Written by Robert Bradley

Head of Computer Science and Digital Learning
