Social engineering

Social engineering

warning

These resources will be removed by end of Summer Term 2025.

Switch to our new teaching resources now - designed by teachers and leading subject experts, and tested in classrooms.

Lesson details

Key learning points

  1. In this lesson, we will become aware of how humans can be a weak point in the system. We will look at the social engineering tactics deployed by cybercriminals to dupe users into giving away data that could lead to further crime.

Licence

This content is made available by Oak National Academy Limited and its partners and licensed under Oak’s terms & conditions (Collection 1), except where otherwise stated.

Loading...

5 Questions

Q1.
When data has been processed and is meaningful, which of these has it become?
Identifiable data
Correct answer: Information
Processed data
Profiled data
Q2.
Is the following data or information: "Sophie got 38 out of 40 on her English test"
Data
Correct answer: Information
Q3.
Why might a company collect information about you to form a profile? (Which two of the following apply?)
Correct answer: So that they can recommend products to you based on previous products you have purchased or viewed
So that they can sell the information onto cybercriminals without your permission
Correct answer: So that they can sell the information to marketing companies
Q4.
What is the purpose of the Data Protection Act?
To act as a deterrent to cybercriminals who try to steal data on people
To prevent cybercriminals from spreading a virus
To protect an organisation from hackers
Correct answer: To require organisations that store data on people to use it responsibility and keep it safe
Q5.
One of your rights under the Data Protection Act is to have your data deleted. Do you have the right to ask a your school to delete all of the information it stores on you?
No
Correct answer: Yes

4 Questions

Q1.
Which one of the following best describes social engineering?
An automated attack on computer systems
Cybercriminals stealing data through hacking into systems
Correct answer: Humans using methods trick or manipulate other humans into handing over information
Websites deceiving humans into giving away personal data
Q2.
"An attack that involves an attacker watching the victim while they provide sensitive information" is a description of which of the following?
Blagging
Name generator attack
Phishing
Correct answer: Shouldering
Q3.
Which of the following is when attackers create short, fun quizzes in an attempt to find out key pieces of information that can help them answer account security questions?
Blagging
Correct answer: Name generator attack
Phishing
Shouldering
Q4.
You receive an email from an unknown sender asking for money. The sender wants you to respond to the email. There are no hyperlinks in the email, but it includes unusual use of English and there are a number of spelling mistakes. What type of social engineering attempt is this?
Correct answer: Blagging
Phishing
Shouldering
Spam

Lesson appears in

UnitComputing / Cybersecurity

Computing