Office Information & Library-Information Services
View count:
9143
Social Engineering Drills
Social Engineering & Email Security
What is Social Engineering
Social Engineering is a method to deceive people using influence or persuasion in order to obtain useful information. This is a commonly used attack technique by hackers in recent years.
Social Engineering Drills
To ensure the email security of our faculty, staff, and students, and in compliance with the National Cyber Security Office's plan to establish a secure national information infrastructure, the school conducts periodic or ad-hoc social engineering drills every year. Faculty and staff should follow the school’s social engineering training materials to properly configure email software and strengthen information security.
Email Social Engineering Attack Methods
- Pretending to be the sender
- Using attention-grabbing subject lines and message content
- Attachments containing malware
- Zero-day attacks
- Phishing
- Pretending to be an administrator to trick users into revealing account credentials
Email Social Engineering Precautions
- Pay attention to the sender of emails; do not open attachments or click links from unknown sources to avoid backdoors.
- Disable the preview pane; delete unnecessary emails immediately.
- Set email reading mode to plain text.
- Do not open URLs that use numeric IP addresses; verify email authenticity.
- For official business, use institutional email accounts and encrypt sensitive information.