This course covers basic information about social engineering. In this course several fake social media profiles will be explored and students will have an opportunity to craft their very own phishing email and malicious payload using the Social Engineering Toolkit (SET) in a Kali Linux virtual environment, then play the “victim” by opening the malicious file.

Students will also learn about different types of social engineering attacks and gain hands-on experience in two labs using the Social Engineering Toolkit (SET). The course will also teach students behavioral and technical controls that can be implemented to reduce the likelihood of a successful social engineering attack.

This course will help students understand why it is important to limit the information that is shared on social media. We will also cover some basic items to include in your security awareness program. This course is beginner level, but students are expected to have basic computer knowledge. The course is targeted towards students that are studying for the EC-Council Certified Ethical Hacker (CEH) and/or the CompTIA Pentest+ certification examinations.

Target Audience

This course is designed for students looking to become junior penetration testers; however, the course can be taken by anyone.

Prerequisites

It is recommended that students have some IT or cybersecurity knowledge, but not required to take this course.

Supplementary Materials

The course includes downloadable step by step lab guides that can be found in the Syllabus and Outline, which is located in the Resources section of the course.

Course Goals

By the end of this course, students should be able to:

Understand different types of social engineering attacks

Understand behavioral and technical controls that can be used

Understand how to communicate basic security awareness to others

Social Engineering and Manipulation - Exploitation of the Human Element

Social engineering has been the cause of many of the most high profile cyber-attacks in recent years. The human element is too often the problem. In this online, self-paced Social Engineering course, you will learn how some of the most elegant social engineering attacks take place. You will learn to perform these scenarios with an explanation of each step of the attack, from imitation through exploitation. This course is intended to help you better prepare your organization to defend agains social engineering attacks, as well as how to ethically use these techniques for intelligence gathering. As a reminder, by taking this course, you agree to our terms of service.

What is Social Engineering and Manipulation?

Social engineering refers to the "art" of manipulating people to divulge confidential information. Typically, criminal hackers will rely on the fact that most people will be trusting (in varying degrees), and that it is much easier to trick the employees of an organization into providing them with information (passwords, account numbers, etc.) they can use to exploit the company than to use traditional hacking methods to obtain it.

Social engineering professionals (white hat hackers) work for companies to prevent such exploitations by learning the methods that criminal hacker use and developing strategies to combat them.

What Does this Social Engineering Course Cover?

Our online Social Engineering course covers the methods that are used by criminals to exploit the human element of organizations, using the information to perform cyber attacks on the companies. In the class, you will learn to execute several social engineering methods yourself, in a step-by-step manner. The purpose of this training is to prepare you to defend your organization against social engineering attacks, and to learn how to use these methods ethically to gather intelligence.

In this Social Engineering course you will cover various topics, including introduction to social engineering, targeting, exploitation lifecycle, digital profile reduction, digital information gathering, psychology of social engineering, cold calling, elicitation, pretexting, post exploitation, bypassing physical security, binary evasion and other applicable subjects.

The tools used in this training course include:

Social Engineering Toolkit (SET)

Kali Linux

Maltego

Google

Scythe Framework

Creepy

Metasploit

Recon-NG Framework

Portable Virtual Box

Hyperion & Veil

Who Should Take this Social Engineering Training Course?

The Social Engineering course is ideal for:

People wanting to learn about ethical hacking and how social engineering plays a part

People who want to understand how criminal hackers gain access into secure systems

People who want to understand how secure their own organization's systems are from social engineering attacks

Additionally, students who take this class should be security professionals who have a basic knowledge of penetration testing and security policy principles, and who have worked in the IT industry for at least two years.

Why Study Social Engineering?

It's expected that cybercrime will cost the world $6 trillion annually by 2021, a significant increase from the $3 trillion it cost in 2015. That means that information security professionals, including social engineers, are in high demand. In fact, because there is so much cybercrime and an increasing demand for cybersecurity professionals, the field has little to no unemployment.

Social engineering is an essential part of the cybersecurity career field for those IT professionals who want to play an active role in the protection of their organizations' security controls.

A career in social engineering offers a substantial salary, flexibility, and often times, an exciting environment for those who love information security and technology. Social engineers may be hired on a permanent basis, but many are hired on contract or as consultants.

Which Jobs Will this Social Engineering Course Prepare Students For?

Most positions in the IT field now require employees to possess knowledge and skills in cybersecurity, no matter what the specific roles are. Training in social engineering will better prepare you for any position in an IT department. Specifically, penetration testers, network engineers, cybersecurity engineers, and certified information security managers will all benefit from this course.