0% found this document useful (0 votes)
11 views22 pages

Cyber Security

The document outlines objectives for a cybersecurity lesson focused on recognizing cyberattacks and minimizing data compromise risks due to human error. It includes activities on social engineering tactics such as phishing, blagging, and shouldering, as well as indicators of suspicious emails. The lesson aims to equip participants with knowledge to protect themselves and their customers from these cyber threats.

Uploaded by

Mamatha Ma
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
11 views22 pages

Cyber Security

The document outlines objectives for a cybersecurity lesson focused on recognizing cyberattacks and minimizing data compromise risks due to human error. It includes activities on social engineering tactics such as phishing, blagging, and shouldering, as well as indicators of suspicious emails. The lesson aims to equip participants with knowledge to protect themselves and their customers from these cyber threats.

Uploaded by

Mamatha Ma
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 22

Cybersecurity

Objectives

Cybersecurity

Learning Objective:

● Recognise common causes and types of cyberattacks


● Implement strategies to minimise the risk of data being
compromised through human error

2
Starter activity

On Quizizz
https://quizizz.com/
join?gc=97931450

3
4
5
6
7
Starter activity

You’ve been a victim of social engineering

How might a hacker use the data Name


that you have willingly given to Date of birth
them? Email
address
Favourite band
or artist
Data you
submitted
Name of first
pet

Mother’s
Favourite maiden name
colour

8
Activity 1

Social engineering

What’s different about social


engineering, in comparison to other
cybercrimes, is that it is humans
trying to trick or manipulate other
humans.

9
Activity 1

Shouldering

Shouldering (also known as


shoulder surfing) is an attack
designed to steal a victim's
password or other sensitive data.

It involves the attacker watching


the victim while they provide
sensitive information, for
example, over their shoulder. This
type of attack might be familiar;
it is often used to find out
someone's PIN at a cash
1
0
Activity 1

Name generator attacks

These are attacks in which the


victim is asked in an app or a
social media post to combine a
few pieces of information or
complete a short quiz to produce
a name.

Attackers do this to find out key


pieces of information that can
help them to answer the security
questions that protect people's
accounts.
1
1
Activity 1

Phishing

A phishing attack is an attack


in which the victim receives an
email disguised to look as if it has
come from a reputable source, in
order to trick them into giving up
valuable data.
http://l0g1npage.com/B3G7?
id=4n

The email usually provides a link


to another website where the
information can be inputted.
Sending similar messages by SMS is known
as smishing.
1
2
Activity 1

Phishing

It is called phishing, as in
‘fishing’, because:

● A line is thrown out into a


place where there are many
potential ‘fish’ (victims)
● The line has bait on the end
in order to attract the victims
● If a victim bites (clicks the
link) they are hooked in

1
3
Activity 1

Phishing: Key indicators of a phishing email

● Unexpected email with a request for information


● Message content contains spelling errors
● Suspicious hyperlinks in email
○ Text that is hyperlinked to a web address that contains spelling errors and/or
lots of random numbers and letters
○ Text that is hyperlinked to a domain name that you don't recognise and/or
isn't connected to the email sender
● Generic emails that don't address you by name or contain any
personal information that you would expect the sender to know

Complete Activity 1 on your worksheet.


1
4
Activity 2

Blagging

Blagging (also known as


pretexting) is an attack in
which the perpetrator invents a
scenario in order to convince
the victim to give them data or
money.

This attack often requires the


attacker to maintain a
conversation with the victim
until they are persuaded to
give up whatever the attacker
1
5
Activity 2

Blagging

The following email doesn’t


contain a hyperlink to click on,
but it does include suspicious
information.

Think/write/pair/share:

Try to find a minimum of three


things that make this email
suspicious.

Complete this on your


worksheet. 1
6
Activity 2

Blagging

● Suspicious code in email


(‘Dear <name?>’)

● Spelling mistakes (‘deer


friend’)

● Unusual use of English (‘a


excitable business
opportunity’)

1
7
Activity 2

Blagging

Blagging doesn’t only happen via


email.

Watch this video

1
8
Activity 2

Phishing or blagging?

Questions

What is the difference between


phishing and blagging?

1
9
Activity 3

Protecting your customers

Put yourself in the shoes of the


cybersecurity team of a national
bank. Your job is to try to prevent
your customers becoming victims
of social engineering.

2
0
Plenary

Plenary questions

Use the worksheet to complete


the multiple-choice questions.

2
1
Summary

Next lesson

In this lesson, you... Next lesson, you will…

Recognised that human errors Look at common methods used


pose security risks to data by hackers and what laws are in
place to act as deterrents
Looked at strategies to minimise
the risk of data being
compromised through human
error

2
2

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy