New job; required training on information security fundamentals. A bit old hat to this old pro but always good to reread and refresh. This drawing inspired by the Social engineering part of one of the courses. Because it’s is a key method for crackers and thieves to gain access to [my | your | company] data and systems through psychological manipulation…

Social engineering, in the context of information security, is the psychological manipulation of people into performing actions or divulging confidential information. This differs from social engineering within the social sciences, which does not concern the divulging of confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional “con” in that it is often one of many steps in a more complex fraud scheme.

– Wikipedia

Of course, there’s the resonance of these psychological tricks beyond hidden nefarious actors sitting in other-world basements. There seems to be an awful lot of it around, generally, these days.

Lots of talk in the training videos by the info-sec guys of red flags. Big red flags, little red flags. Warnings one and all.

When/if I have the time those banners will get some love.

Last updated on 20th September 2022