Social-Engineering Tricks and Data Protection (Grade 11 NSC Matric Computer Application Technology): Revision Notes

Social-Engineering Tricks and Data Protection

Understanding social engineering

Social engineering is a technique that cybercriminals use to gain access to computer systems, personal data, and other valuable information by exploiting basic human psychology rather than using technical hacking methods. Instead of breaking through security systems with code, attackers manipulate people into voluntarily giving up their sensitive information.

Common social-engineering attacks

Phishing attacks

Phishing is one of the most common forms of social engineering and typically happens through email. Attackers send messages that appear to come from legitimate organisations like banks, schools, or popular websites, trying to trick you into giving out personal information or money.

Email spoofing and website spoofing

Email spoofing involves creating fake emails that appear to come from trusted sources. These emails are designed to look exactly like official communications and will either directly ask for sensitive information or redirect you to a fake website where your information will be stolen.

Website spoofing works hand-in-hand with email spoofing. Attackers create websites that look identical to legitimate sites like banking portals, social media platforms, or shopping websites. These fake sites are designed to capture any information you enter, including usernames, passwords, and credit card details.

Pharming attacks

Pharming is similar to phishing but involves creating fake websites that request sensitive information. A common pharming technique involves attackers setting up official-looking websites that allow users to supposedly "change" their passwords. However, instead of actually changing the password, the fake site records both the username and current password, allowing the attacker to take over the account completely.

Protecting yourself from social engineering

What to do if you're a victim

Prevention strategies

The best defence against social engineering is awareness and caution. Always be sceptical of unsolicited communications asking for personal information, especially if they create a sense of urgency. Legitimate organisations rarely ask for sensitive information via email, and they certainly won't threaten to close your account if you don't respond within a few hours.

Data protection through backups

Why backing up is important

It's essential to back up your data regularly because hardware can fail unexpectedly, and accounts can be compromised by cybercriminals. When you create backups, you're essentially creating copies of your important information that can be used to restore your data if something goes wrong with your original files.

Manual backup methods

The simplest way to back up your data is using the basic copy and paste functions on your computer. This method works well for small amounts of data or when you want complete control over what gets backed up.

Using Windows backup and restore utility

Windows includes a built-in backup utility called "Backup and Restore" that can automate much of the backup process and make it more efficient. This tool can create incremental backups, which means it only backs up files that have changed since the last backup, saving time and storage space.

Restoring from Windows backup

If you need to restore files from a Windows backup:

1. Connect your backup drive to your computer
2. Open Backup and Restore from the Control Panel
3. Click "Restore All Users' Files"
4. Choose "Browse for Files" or "Browse for Folders" depending on what you want to restore
5. Select "In the Original Location" and click "Restore"

This will put your files back exactly where they were before, replacing any damaged or missing files.

Cloud storage for backups

It's important to understand the difference between cloud storage and cloud backup:

• Cloud storage is when you manually choose specific files to upload to an online account. These files become independent of your computer, so even if you delete them locally, they remain in your cloud storage.
• Cloud backup involves installing software that automatically monitors certain files and uploads any changes to the cloud. This ensures that your most current version is always backed up online without you having to remember to do it manually.

Cloud backup services are particularly useful for people or businesses with large amounts of important data, because if one computer fails, all the files can still be accessed from the cloud backup server.

Popular cloud storage providers

Several companies offer cloud storage services with different features and pricing:

Google Drive integrates well with Google's other products like Gmail and Google Docs. It provides 15 GB of free storage, after which you need to pay a monthly fee for additional space.

Apple iCloud works seamlessly with Apple devices including Mac computers, iPhones, iPads, and iPods. It offers 5 GB of free storage but requires payment for larger amounts.

Dropbox gives users 2 GB of free storage and allows you to access your files from web browsers, desktop computers, or mobile devices.

Microsoft OneDrive integrates well with Microsoft products like Word and SharePoint. Everyone with a Microsoft account receives 5 GB of free storage space, with paid options available for more space.

Summary