CUSTOMISED
Expert-led training for your team
Dismiss

Social Engineering training course

Social Engineering - Learn about the threats, attacks and how to prevent, defend and deter against these

JBI training course London UK

"Our tailored course provided a well rounded introduction and also covered some intermediate level topics that we needed to know. Clive gave us some best practice ideas and tips to take away. Fast paced but the instructor never lost any of the delegates"

Brian Leek, Data Analyst, May 2022

Public Courses

01/07/24 - 2 days
£1500 +VAT
12/08/24 - 2 days
£1500 +VAT
23/09/24 - 2 days
£1500 +VAT

Customised Courses

* Train a team
* Tailor content
* Flex dates
From £1200 / day
EDF logo Capita logo Sky logo NHS logo RBS logo BBC logo CISCO logo
JBI training course London UK

  • Social Engineering, humans & Security
  • Learn Social Engineering Fundamentals
  • Gain an understanding of the techniques used by social engineers
  • Threats - We introduce you to key social engineering concepts
  • Attacks - You will explore and engage in the social engineering attacks
  • The art of phishing: Physical and Telephone 
  • Explore Defence - Defend, Prevent and Deter
  • Mobile Device Exploitation – (Hack Mobile Devices)
  • What can an organisation do to defend itself?

Course attendees will learn about:

  • The Threat - You will gain an understanding of the techniques used by social engineers in the planning stages of an attack. We introduce you to key social engineering concepts, the goals of social engineering, and warn you about the tool’s attackers use to gain intelligence on your organisation.
  • You will see real-time interactive demonstrations centred around the most popular and scalable forms of social engineering.

The Attack

  • You will explore and engage in the social engineering attacks used by the attackers and will learn how exposed you and your organisation may be to this every day common and significant threat.
  • This interactive training balances practical lectures and discussions to understand the ‘Social Engineering Attack Cycle’, with multiple interesting exercises and demonstrations that highlight weaknesses within organisations; weaknesses from employees which result in information security breaches.

Defend, Prevent, Deter  

  • Social Engineering remains a high threat to organisations regarding information security breaches.  
  • You will explore the options available, and the controls needed to minimise risk and diminish the threat to your organisation. This will culminate in an interactive War Gaming session, where you will formulate a plan of defence to take back to your organisation and use immediately.
  • You will see what works, and what doesn't, and how to report on it to help the organization improve their defences and increase your snare rate.
  • The course will equip you to deal with some of the ethical and risk challenges associated with social engineering engagements, understanding human behaviour, and how to defend against it.


Social Engineering Fundamentals

  • What is Social Engineering
  • Who conducts Social Engineering?
  • Why is Social Engineering so successful?
  • Ethics and Law
  • Psychology of the Social Engineer
  • Hacker vs Organisation    Team Exercise / Discussion

The Reconnaissance Phase (Open Source Intelligence)    OSINT Tools

•    Maltego
•    Shodan
•    Buscador
•    Google Alerts
•    Google Dorks
•    The Harvester
•    Metagoofil
•    Recon-NG
•    Have I been pawned

Cyber Kill Chain

  • Looking for vulnerabilities
  • The Social Engineering Attack Cycle    Information Gathering
  • Build Relationships and Rapport
  • Exploitation
  • Execution and covering your tracks (TOR)

The art of Phishing, (don’t get hooked!) - Technical    Phishing Tools 

  • Phishing (SET, NGROK)
  • SMShing,
  • Spear Phishing,
  • Whale Phishing,
  • Vishing
  • Spoofing Email – Demonstrations (Interactive)
  • Emkei
  • Anonymailer


The art of Phishing - Phishing – (Physical) (Interactive)


•    Listening Devices and Bugs
•    USB Drop (Ducky USB)
•    Dumpster diving
•    Pre-Texting
•    Tailgating
•    Shoulder Surfing
•    Lock Picking
•    Impersonation
•    Mobile phone recording

The art of Phishing – (Telephone)    Telephone Phishing

•    Pre-Texting
•    Impersonation

  • Credential Harvesting
  • Finding your organisations leaked credentials and the dark web Credential Harvesting demonstrations

•    Have I been Pawned
•    Username and password harvesting
•    Password Re-use
•    Password cracking
•    Hashing/Cracking Hash
•    Dictionary/Brute Forcing
•    Darknet

Network (Packet) Sniffing – Open Networks (coffee shops etc.)    Network Tools

•    Wireshark
•    Network Miner

Mobile Device Exploitation – (Hacking Mobile Devices)

•    Mobile Phone
•    Probe Requests
•    Fake AP/SSID/Rogue Access Point
•    Rogue Network Devices
•    Fake Iframe/Portal – Username and Password Capture
•    De-authing Clients
•    Untrusted APK (Gaining remote access to mobile phone - data, SMS, camera, photos etc.)
•    Session Hijacking/Cookie Stealing

  • Privilege Escalation    
  • Vulnerability Assessing Your Systems

•    Nessus
•    CVE
•    Virus Total
•    Malware Testing

  • Prevention
  • Educating the workforce    What can an organisation do to defend itself?
  • Practical tips and advice on implementation
  • Incident/Breach Management    Containment, Isolation and Managing Incidents
  • War Gaming Scenario    Team exercise and presentation
  • Final Questions, Discussion    
  • Networking and Close    
JBI training course London UK

  • This course is suitable for IT & security professionals.
  • This course is suitable for organisational Senior Leadership, managers and general staff.
  • A good understanding of common IT, internet and mobile devices.

5 star

4.8 out of 5 average

"Our tailored course provided a well rounded introduction and also covered some intermediate level topics that we needed to know. Clive gave us some best practice ideas and tips to take away. Fast paced but the instructor never lost any of the delegates"

Brian Leek, Data Analyst, May 2022



“JBI  did a great job of customizing their syllabus to suit our business  needs and also bringing our team up to speed on the current best practices. Our teams varied widely in terms of experience and  the Instructor handled this particularly well - very impressive”

Brian F, Team Lead, RBS, Data Analysis Course, 20 April 2022

 

 

JBI training course London UK

Newsletter

 

Sign up for the JBI Training newsletter to stay updated with world-class technology training opportunities, including Analytics, AI, ML, DevOps, Web, Backend and Security. Our Power BI Training Course is especially popular.  Gain new skills, useful tips, and validate your expertise with an industry-leading organisation, all tailored to your schedule and learning preferences.



Our Social Engineering training course gives an insight into the vulnerabilities exposed to businesses from the ‘human factor’.

Social Engineering exploits flaws in human weakness and constitutes one of the highest threats to organisations today, as they are able to use deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

Social engineering remains one of the most effective means of attacking organisations of all sizes.  Attackers are becoming more sophisticated. and are using a multitude of attack vectors.  Not only are they relying on technical means of attack but are exploiting human behaviour to gain information. 

Your staff need to be able to identify and defend against attempted attacks, both in the work place and whilst away using corporate IT equipment. 


 

CONTACT
+44 (0)20 8446 7555

[email protected]

SHARE

 

Copyright © 2023 JBI Training. All Rights Reserved.
JB International Training Ltd  -  Company Registration Number: 08458005
Registered Address: Wohl Enterprise Hub, 2B Redbourne Avenue, London, N3 2BS

Modern Slavery Statement & Corporate Policies | Terms & Conditions | Contact Us

POPULAR

Rust training course                                                                          React training course

Threat modelling training course   Python for data analysts training course

Power BI training course                                   Machine Learning training course

Spring Boot Microservices training course              Terraform training course

Kubernetes training course                                                            C++ training course

Power Automate training course                               Clean Code training course