Uploaded by Evan Wagoner

Social Engineering Group Project (1)

advertisement
Social Engineering Group Project
Create a group of two or three members from your class and complete the assigned project based on
the scenario given. Create a multi-media presentation to convey how you would handle the scenario.
You and your group members need $2,000.00 to make a purchase. Unfortunately, your parents did not
instill good morals in you, and you are not above stealing to get the things in life that you want. Your
challenge is to create a Social Engineering Attack that will help you collect the $2,000.00 quickly and in a
way that you will not get caught. Please address the following items below in your presentation:
Who – Who or what will you target?
I will target a bank manager. The bank manager for the sake of this exercise will be John Doe. I
have chosen John Doe because he does not adequate knowledge of cyber security to easily defend
himself. The banks name is Fifth Third.
What – What is your scam or scheme?
The scheme is simple but still should be effective. I will send John an email with a cloned Fifth
Third sign on link. I will also change the appearance of my email address to look like it is coming from
one of Johns superiors. Once John tries to sign into his account at Fifth Third, I will have his Username
and Password.
When – When will you conduct your social engineering scam or scheme?
I will conduct this scheme during business hours so that the email time frame is more legitimate.
Also, there will be less time for him to think about why he is being asked to do this.
Where – Where will you conduct your social engineering scam or scheme?
I will conduct this scheme from a public free Wi-Fi location using a email account set up for this
exact purpose.
Why – Why is your social engineering plan brilliant?
The plan is brilliant because of the target John is uneducated when it comes to cyber security
and should be an easy mark for this trap.
How – How will your social engineering scheme be successful in that you collect the money and you do
not get caught?
I should be able to sign in and out of Johns account after he provides me with his credentials.
Once inside I will move some of the funds that John oversees and funnel them into my account
overseas.
Download