Teach Social Engineering Dangers to your Students

No comments

Social Engineering is the act of " manipulating a person into gaining access or sensitive data by preying on basic human psychology."This is very dangerous because the social engineer is attacking the victim's psyche. The main difference between social engineer and a hacker is the tools used, so while the latter attacks your system or computer physically via sending a malware or a virus, the former uses social techniques such as coercing and sometines even blackmailing.


social engineering



Recently a huge increase in online social engineering has been witnessed and more and more victims are falling out for it.This is mainly due to our dependence on Internet and the absence of awareness from the part of most users. As educators we need to make sure we understand this phenomenon first  and then make sure we teach our students about it.

Social Engineering has several tactics as we will see below but the basic rule is no physical contact with the victim and relying only on tools such as emailing, IM and telephone calls to carry out the attack. There is a wide variety of techniques that give shape to this crime most important of them all are the following :

1- Phishing






phishing




This is one of the traditional and famous techniques of a social engineer. It is, most of the times, conducted via email. The victim would normally get an email that appears to have a legitimate request for some sensitive information such as verifying bank accounts or Paypal information to avoid suspension. The Phisher would use a domain name that resembles your bank URL and only discrepancies in the wording of the URL give them away. Always check for the veracity of URLs and make sure they are exact just one letter could make the difference. Most of the email providers such as Google, Yahoo and AOL have now integrated filtering system for anti phishing but no matter what, never divulge your financial information or any other sensitive information via email simply because no legitimate organization will ever ask for that.




2- Vishing / Telephone Techniques



vishing




Vishing ( Voice Phishing ) or  Interactive Voice Response ( IVR ) is another technique that the social engineer uses to get his victim. This is mainly conducted via a phone call or a VoIP interface. Here are some examples of vishing :


  •  Calling the victim directly urging him to take an immediate action in which he will have to divulge his information such as bank account information etc
  • Sending an email to the victim urging him to call a certain number to take a certain action  such as verifying account etc
  • The use of direct human interaction or automated voice prompts such as ' press 1...'or ' enter your credit card number after the beep " to get information
  • Calling the victim and convincing them of a security threat on their computer and offering help by telling them to buy or install a software to fix a problem. This is a technique that is used so much here in Canada. I have personally received dozens of such calls from people speaking a broken English telling me my computer system has been crushed and all that crap, I just hang up on them.



3- Baiting


baiting




As its name suggests, Baiting entails the use of a bait to fish your victim. The bait can be anything such as physical media like a CD or a  USB stick. The phisher deliberatly leaves it in a place where it will  be easily discovered by others and what he normally does is wait for the victim to hook it to its computer to get the whole machine infected.



4- Pretexting

This one here looks like blackmailing although it is not neccasrily blackmailing. The phisher creates a scenario for the victim in which he provides him with some information pertaining to him such as his birth date, his home address, or a recent bank account transaction in order to convince the victim that the scamer is an authoritative of official figure.



5- Tailgating




tailgating




This is one of  the rare techniques of social engineering where there is a physical involvement. This is the act of gaining access to a restricted  area without being auhtorized by simply following another legitimate employee into the area.


These are in brief some of the most popular technqiues a social engineer uses to get his victims. Keep in mind that new scams and techniques are devised all the time and the best shield against such attakcs is knowledge. Inform your students and colleagues and always stay on guard.

This post is based on Tim Brookes article in MakeUseof




Create your Own Games Using Sploder

No comments

Sploder is a great website that provides users with the necessary tools to create their own video games. You do not need any special designing or graphic skills everything is provided you just select what you want and add little of your imagination.

Sploder does not require any installation. You just need to register with them and open your free account. There are basicaly  four templates that Sploder offers to is users:

1-  Platform Creator

2- Physics Puzzel Maker

3-The Algorithm Crew

4- Classic Shooter

You can choose one of these templates to start creating and editing your games.

Here are some features that Sploder offers to its users:


  • It is easy to use just drag and drop process
  • It has a user friendly interface
  • It lets users create their own games
  • Usres can select as many elements as they want for each scene of their games
  • It provides a game tester to test how the game works before publishing it
  • It lets you edit and customize the game


There are several video tutorials that Sploder has uploaded to its YouTube Channel, here is one of them





Google Doodle Commemorates the Inventor of The Zipper

No comments

You might have noticed today when you visited Google main page a zipper that opens up as you click on it. This is Google's last doodle that commemorates the birth of Swedish inventor of the zipper Gideon Sundback.



google doodle



Gideon was born on April 24, 1880. He was a great designer and at the age of 29 Sundback was able to revolutionize the world of fashion by developing the fastener with interlocking teeth.

" The zipper, initially planned to replace the hook-and-eye fastener on women’s boots, went on to become a standard feature on clothing for women and men by the 1930s.While the concept of a zipper had been postulated by engineers for at least two decades beforehand, it was Sundback who perfected it by placing a tiny dimple on the underside of each tooth and a nib on the top that would fit snugly with the dimple above it. "


Watch this video to see the doodle in action


Free Resources on World War I

No comments

World War I is one of  the major tragic  event in the history of mankind. Every curriculum in the world has a section for it somewhere in its spectrum. I have recently been asked by one of my colleagues at school ( he is a high school teacher of History ) If I have any video resources on World War I that he can share with his students. As I came back to my archive I found out some interesting links that you can also use with your students.



world war 1




This list is not exhaustive and if you have more suggestions please share with us below


History in Motion
This one here has a very rare clip that was filmed during World War I as Anerican infantry troops attacked the German trenches.

How Stuff Works
HSW provides a page full of  videos all revolve around World War I.

Brain Pop
Brain Pop has several interesting videos on World War I such as :

The League of Nations
Quizzes on World War I

BBC
BBC features a great video on how America remembers World War One




Create your own Playlist on MentorMob!







Create your own Playlist on MentorMob!