Module 03
This chapter talks in detail about the social engineering tactics and attacks. The social engineering it’s very difficult to stop since mostly we fight against human weaknesses. There is no technical measure that can totally stop social engineering attacks. The best way to secure the system against social engineering is a combination of spam filtering as well as user education. The security team has also developed its own phishing campaigns to find the clickers and users who do not follow the best practices. For HR and financial departments, there is a need for more sophisticated training on how to handle personal information. Moreover, the financial team has to have multiple approvers to process the payments and be trained on how to properly check the identity. The approval process needs to include multiple systems and cannot only rely on email or phone since these two media are very vulnerable to social engineering attacks and spoofs.
For this week's article, I chose the Deepfake software which allows us to fake the person's voice and video image. This type of software can be easily used for faking voice calls or even videoconferencing. Usage of deep fake software moves social engineering on a different level.
Please take a look at this link which talks about deep fake technology and the risk which comes with them.
No comments:
Post a Comment