Starter quiz
- Match the terms with their definitions.
- data⇔facts and figures in raw form ✓
- information⇔structured data with meaning ✓
- personal data⇔information about a specific person ✓
- legislation⇔a set of laws passed by parliament ✓
- What does the Data Protection Act 2018 govern?
- the handling of personal data ✓
- the sale of goods
- the use of public transport
- the collection of taxes
-
- Why is electronic data vulnerable?
- It is always encrypted.
- It can be easily duplicated.
- It is stored physically.
- It can be accessed remotely. ✓
-
- Which of the following is not a characteristic of personal data?
- It identifies a specific person.
- It is always anonymous. ✓
- It is protected by law.
- It can be sensitive.
-
- Where is data most commonly stored and accessed, making it accessible from anywhere in the world?
- 'online' ✓
- What is one way a cybercriminal might exploit personal data?
- to improve website functionality
- to create educational content
- to steal someone's identity ✓
- to enhance data security
-
Exit quiz
- What is the main goal of social engineering?
- to improve user experience
- to trick people into revealing information ✓
- to enhance data security
- to develop new software
-
- Which of the following is not a social engineering method?
- phishing
- blagging
- data encryption ✓
- name generator attacks
-
- Order the steps in a typical phishing attack.
- 1⇔Research the target's interests.
- 2⇔Create a deceptive email.
- 3⇔Send it to the target.
- 4⇔Trick the target into clicking a link.
- 5⇔Redirect the target to a fake website.
- What is blagging in the context of social engineering?
- a method of inventing scenarios to obtain data ✓
- a type of encryption
- a software vulnerability
- a secure data protocol
-
- What is the term for the act of secretly observing someone enter private information, such as a PIN or password?
- 'Shouldering' ✓
- What is a key strategy to prevent falling victim to social engineering?
- ignoring all technology
- regularly updating software
- being aware of common tactics ✓
- using the same password everywhere
-
Worksheet
Loading worksheet ...
Presentation
Loading presentation ...
Video
Lesson Details
Key learning points
- Human error can be a risk to data security.
- Social engineering methods trick people into sharing information that can be used for fraudulent purposes.
- Name generator attacks, phishing and blagging are all social engineering methods.
- Social engineering attacks can be reduced through educating users of technology.
Common misconception
Social engineering involves technical skills and knowledge of computing concepts in order to carry out an attack.
Social engineering relies on manipulating a victim to steal their personal data. This is done by finding ways to trick the user in to handing over the data willingly.
Keywords
Social engineering - the process of tricking people to reveal data that should be kept private
Name generator attacks - a method of collecting personal data by asking questions under the guise of generating a fun name
Phishing - messages or communication made to look like it is from an expected sender but linking to a website that steals data
Blagging - creating a story to trick someone into giving away their information or money
+