Social Engineering

Course Description

This course covers basic information about social engineering. In this course several fake social media profiles will be explored and students will have an opportunity to craft their very own phishing email and malicious payload using the Social Engineering Toolkit (SET) in a Kali Linux virtual environment, then play the “victim” by opening the malicious file.

Students will also learn about different types of social engineering attacks and gain hands-on experience in two labs using the Social Engineering Toolkit (SET). The course will also teach students behavioral and technical controls that can be implemented to reduce the likelihood of a successful social engineering attack.

This course will help students understand why it is important to limit the information that is shared on social media. We will also cover some basic items to include in your security awareness program. This course is beginner level, but students are expected to have basic computer knowledge. The course is targeted towards students that are studying for the EC-Council Certified Ethical Hacker (CEH) and/or the CompTIA Pentest+ certification examinations.

This course is designed for students looking to become junior penetration testers

however, the course can be taken by anyone.

It is recommended that students have some IT or cybersecurity knowledge, but not required to take this course.

The course includes downloadable step by step lab guides that can be found in the Syllabus and Outline, which is located in the Resources section of the course.

By the end of this course, students should be able to:

Social engineering has been the cause of many of the most high profile cyber-attacks in recent years. The human element is too often the problem. In this online, self-paced Social Engineering course, you will learn how some of the most elegant social engineering attacks take place. You will learn to perform these scenarios with an explanation of each step of the attack, from imitation through exploitation. This course is intended to help you better prepare your organization to defend against social engineering attacks, as well as how to ethically use these techniques for intelligence gathering. As a reminder, by taking this course, you agree to our terms of service.

Social engineering refers to the “art” of manipulating people to divulge confidential information. Typically, criminal hackers will rely on the fact that most people will be trusting (in varying degrees), and that it is much easier to trick the employees of an organization into providing them with information (passwords, account numbers, etc.) they can use to exploit the company than to use traditional hacking methods to obtain it.

Social engineering professionals (white hat hackers) work for companies to prevent such exploitations by learning the methods that criminal hackers use and developing strategies to combat them.

Our online Social Engineering course covers the methods that are used by criminals to exploit the human element of organizations, using the information to perform cyber attacks on the companies. In the class, you will learn to execute several social engineering methods yourself, in a step-by-step manner. The purpose of this training is to prepare you to defend your organization against social engineering attacks, and to learn how to use these methods ethically to gather intelligence.

In this Social Engineering course you will cover various topics, including introduction to social engineering, targeting, exploitation lifecycle, digital profile reduction, digital information gathering, psychology of social engineering, cold calling, elicitation, pretexting, post exploitation, and other applicable subjects.

The Social Engineering course is ideal for:

Additionally, students who take this class should be security professionals who have a basic knowledge of penetration testing and security policy principles, and who have worked in the IT industry for at least two years.

It’s expected that cybercrime will cost the world $6 trillion annually by 2021, a significant increase from the $3 trillion it cost in 2015. That means that information security professionals, including social engineers, are in high demand. In fact, because there is so much cybercrime and an increasing demand for cybersecurity professionals, the field has little to no unemployment.

Social engineering is an essential part of the cybersecurity career field for those IT professionals who want to play an active role in the protection of their organizations’ security controls.

A career in social engineering offers a substantial salary, flexibility, and often times, an exciting environment for those who love information security and technology. Social engineers may be hired on a permanent basis, but many are hired on contract or as consultants.

Most positions in the IT field now require employees to possess knowledge and skills in cybersecurity, no matter what the specific roles are. Training in social engineering will better prepare you for cybersecurity job roles. Specifically, penetration testers, cybersecurity engineers, and certified information security managers will all benefit from this course.

Prerequisites

People wanting to learn about ethical hacking and how social engineering plays a part

People who want to understand how criminal hackers gain access into secure systems

Most positions in the IT field now require employees to possess knowledge and skills in cybersecurity, no matter what the specific roles are. Training in social engineering will better prepare you for cybersecurity job roles. Specifically, penetration testers, cybersecurity engineers, and certified information security managers will all benefit from this course.

Module 1: Introduction

Module 2: Social Engineering Labs

Module 3: Conclusion