maanav jugaad - social engineering
DESCRIPTION
TRANSCRIPT
http://nullcon.net/
Maanav JugaadWill you be my Friend?
http://null.co.in/
http://nullcon.net/
Are you sure you are just being “SOCIAL”?
http://null.co.in/
http://nullcon.net/http://null.co.in/
http://nullcon.net/
The world Around
http://null.co.in/
http://nullcon.net/
Techniques• Phishing• Abuse of Trust• Baiting• Identity Theft• Dumpster Diving• Email Scams• Use of Authority• Request for Help!! • Indulging Curiosity• Exploiting Greed
http://null.co.in/
http://nullcon.net/
Why does it work?
• Because we are fools!! – Yes we tend to trust– People want help– Greed– Fear– Sympathy
http://null.co.in/
http://nullcon.net/
Social Networks for Social Engineers
• Huge attack Surface• Zero skills required• Easy access• Reconnaissance at its best!
http://null.co.in/
http://nullcon.net/
SOME STATS
http://null.co.in/
http://nullcon.net/
SOME STATS
http://null.co.in/
http://nullcon.net/
Security?? Eh???
http://null.co.in/
http://nullcon.net/http://null.co.in/
http://nullcon.net/
First the Answers
• I meet my friends whom I haven't seen for very long
• I make friends and more friends • I play games with my friends , compete with
them • I talk with my friends and share photos.• I love doing things virtually that I cant do in my
real life (farming, construction, gamble).
http://null.co.in/
http://nullcon.net/
Then the questions!!!
• How much do they make sense in your social life?
• Are you talking to the right person?• Are you sharing it the right way to the right
people?• Is the “friend” is the actual friend of yours?
http://null.co.in/
http://nullcon.net/
Some real issues
• Addiction – Spending a lot of time• Content Security – images, user data• Hacks • Malicious Applications • User authenticity AND• Ignorance
http://null.co.in/
http://nullcon.net/
Do you do this ?
http://null.co.in/
http://nullcon.net/
Have you paid attention to this??
http://null.co.in/
BOOOOOOM!!!!
http://nullcon.net/
Who really ignores such offers??
http://null.co.in/
Great offers eh??
http://nullcon.net/
Have you ever visited this page?
http://null.co.in/
It scares you when you look at the loong list
http://nullcon.net/
AM I JUST FOCUSSING ON FACEBOOK?
• When I Actually said Social Engineering??
http://null.co.in/
http://nullcon.net/
Thanks Null Hyderabad
http://null.co.in/
Prajwal Panchmahalkar
Null Hyderabad [email protected]
Matriux Senior [email protected]://www.matriux.com/