how attackers use social engineering to bypass your defenses. · how attackers use social...
TRANSCRIPT
![Page 1: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/1.jpg)
How attackers use social engineering to bypass your defenses.
Lenny Zeltser Senior Faculty Member, SANS Institute
Product Management Director, NCR Corporation
![Page 2: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/2.jpg)
Social engineers influence victims to perform actions desired by the attacker.
![Page 3: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/3.jpg)
As the result:
Outsider == Insider
![Page 4: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/4.jpg)
What social engineering tactics are being used? Let’s look at examples, so we can learn from them.
![Page 5: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/5.jpg)
Alternative Channels
![Page 6: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/6.jpg)
Notices in the “physical” world invited victims to visit a fraudulent website.
![Page 7: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/7.jpg)
http://j.mp/oRn3
![Page 8: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/8.jpg)
Source: Jerome Segura http://j.mp/IQjPhM
![Page 9: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/9.jpg)
Phishing scam directed the target to a phone number.
![Page 10: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/10.jpg)
“Your card has been suspended because we believe it was accessed by a third party. Please press 1 now to be transferred to our security department.”
Customers of Liberty Bank of Boulder Creek, CA
Source: BankInfoSecurity http://j.mp/3Gj0AA
![Page 11: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/11.jpg)
USB keys were used as an infection vector.
![Page 12: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/12.jpg)
Action=Open folder to view files Icon=%systemroot%\system32\shell32.dll,4 Shellexecute=.\RECYCLER\S-5-3-42-28199…
(Conficker)
Source: Internet Storm Center http://j.mp/HGTgRX
![Page 13: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/13.jpg)
“Real world” procedures were used to place malicious ads on Gawker sites. A similar scam targeted the New York Times and other media sites.
See http://j.mp/IjqYWJ
![Page 14: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/14.jpg)
The ads served PDF exploits to visitors.
Image Source: Business Insider http://j.mp/IwnntL
![Page 15: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/15.jpg)
“We want to run a performance campaign for Suzuki across your network. Our budget to start is $25k+. Campaign should be live by the end of the month.”
Source: Mediaite http://j.mp/HJO77c
![Page 16: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/16.jpg)
Scammers called home users to help disinfect their PCs. They pretended to find malware and clean it up; requested payment and other details.
![Page 17: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/17.jpg)
“i got a call off a onlinepcdoctors.com and they said my pc was running slower because of malcious [sic] files. i let them take remote access of my computer…”
Source: http://j.mp/HEWIeY
![Page 18: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/18.jpg)
Source: Symantec http://j.mp/jSjWBD
![Page 19: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/19.jpg)
ZeuS on a Windows PC asked victims to install a security program on their Android phones.
![Page 20: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/20.jpg)
Source: Kaspersky http://j.mp/pN6p60
![Page 21: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/21.jpg)
Personally-Relevant Messaging
![Page 22: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/22.jpg)
Malware spread by localizing its message (Waledac).
See http://j.mp/IG10kH
![Page 23: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/23.jpg)
Geolocation was similarly used in a work-from-home scam.
See http://j.mp/HGVHU9
![Page 24: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/24.jpg)
Malware spoofed email from trusted senders.
![Page 25: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/25.jpg)
“Unfortunately we were not able to deliver the postal package … Please print out the invoice copy attached and collect the package at our department. United Parcel Service of America.”
Source: Webroot http://j.mp/HHuYVB
![Page 26: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/26.jpg)
Malicious messages matched the content the victim was used to receiving. The attachments targeted client-side vulnerabilities.
![Page 27: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/27.jpg)
Source: Contagio
![Page 28: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/28.jpg)
Source: Brian Krebs http://j.mp/Iagn3r
![Page 29: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/29.jpg)
Attackers provided customer service to appear legitimate.
Image Source: Symantec http://j.mp/HJOwGU
![Page 30: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/30.jpg)
Fraudsters used Facebook chat for the “stuck in London” scam.
Source: Jason Cupp http://j.mp/k9JFf9
![Page 31: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/31.jpg)
Profile Spy claimed to track who viewed victims’ Facebook profiles.
![Page 32: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/32.jpg)
Social Compliance
![Page 33: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/33.jpg)
Malware spoofed product review sites to legitimize a fake anti-virus tool.
![Page 34: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/34.jpg)
Source: Bleeping Computer
![Page 35: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/35.jpg)
Social networks have been used to spread malware (Koobface).
![Page 36: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/36.jpg)
![Page 37: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/37.jpg)
Source: Nick FitzGerald http://j.mp/HEsg4l
![Page 38: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/38.jpg)
Malware dared victims to click the link to get them hooked. Then asked to copy and paste JavaScript to spread on Facebook.
![Page 39: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/39.jpg)
Source: AVG http://j.mp/pQDv9G
![Page 40: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/40.jpg)
Malware manipulated download counters to appear popular (Nugache).
Source: Dave Dittrich http://j.mp/ITKJs7
![Page 41: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/41.jpg)
This is a sample screenshot. It’s not representative of the sites actually manipulated by Nugache.
![Page 42: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/42.jpg)
Money-mule recruiting sites looked like sites of many other legitimate companies.
![Page 43: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/43.jpg)
![Page 44: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/44.jpg)
A scam emphasized the popularity of the “work from home” kit.
See http://j.mp/HGVHU9
![Page 45: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/45.jpg)
Reliance on Security Mechanisms
![Page 46: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/46.jpg)
Similar to the fake counterfeit money-testing pen con.
![Page 47: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/47.jpg)
“Security update” messages in several forms convinced users to download and install software.
![Page 48: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/48.jpg)
![Page 49: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/49.jpg)
Fake anti-virus tools confused the user about the need for security.
![Page 50: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/50.jpg)
![Page 51: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/51.jpg)
Victims sometimes even got to choose their preferred rogue anti-virus product.
![Page 52: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/52.jpg)
Source: Sunbelt Software http://j.mp/IG29Jh
![Page 53: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/53.jpg)
Malicious files were hosted behind a CAPTCHA screen.
See http://j.mp/HGWfJF
![Page 54: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/54.jpg)
![Page 55: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/55.jpg)
Scammers associated their “products” with trusted brands.
![Page 56: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/56.jpg)
![Page 57: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/57.jpg)
Attackers signed malware with certificates. Some certs were stolen with malware. Some were obtained through identity theft.
See http://j.mp/9HbPLC
![Page 58: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/58.jpg)
Source: Websense http://j.mp/ICjrsS
![Page 59: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/59.jpg)
Malicious websites presented a security warning to the users, asking to download an update.
![Page 60: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/60.jpg)
See http://j.mp/ITLj9g
![Page 61: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/61.jpg)
So What?
![Page 62: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/62.jpg)
Social engineering works. It seems to tap into psychological factors that are part of the human nature.
![Page 63: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/63.jpg)
Discuss recent social engineering approaches with employees, partners and customers.
![Page 64: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/64.jpg)
Alternative Channels Personally-Relevant Messaging Social Compliance Reliance on Security Mechanisms
![Page 65: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/65.jpg)
Assume some social engineering will work anyway.
![Page 66: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/66.jpg)
Focus on… internal segmentation, least privilege, need-to-know and monitoring.
![Page 67: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/67.jpg)
Lenny Zeltser blog.zeltser.com twitter.com/lennyzeltser
![Page 68: How attackers use social engineering to bypass your defenses. · How attackers use social engineering to bypass your defenses. Lenny Zeltser Senior Faculty Member, SANS Institute](https://reader033.vdocuments.net/reader033/viewer/2022060214/5f05721b7e708231d4130079/html5/thumbnails/68.jpg)
About The Author: Lenny Zeltser is a seasoned IT professional with a strong background in information security and business management. As a director at NCR Corporation, he focuses on safeguarding IT environments of small and midsize businesses worldwide. Before NCR, he led an enterprise security consulting team at a major IT hosting provider. Lenny's most recent work has focused on malware defenses and cloud-based services. He teaches how to analyze and combat malware at the SANS Institute, where he is a senior faculty member. He also participates as a member of the board of directors at the SANS Technology Institute and volunteers as an incident handler at the Internet Storm Center. Lenny frequently speaks on security and related business topics at conferences and industry events, writes articles, and has co-authored books on forensics, network security, and malicious software. He is one of the few individuals in the world who have earned the highly-regarded GIAC Security Expert (GSE) designation. Lenny has an MBA degree from MIT Sloan and a computer science degree from the University of Pennsylvania.