NPCC Cybercrime Advanced Social Engineering Course

NPCC National Cybercrime Programme

The NPCC Cybercrime Training Programme provides police forces in England and Wales with the skills needed to be able to respond to a report of cybercrime and fully investigate any criminal activity, prosecute offenders where necessary but also divert individuals on the cusp of criminal activity on to productive paths. The Programme gives staff the technical skill to advise and protect individuals and organisations in cyber security to help better protect themselves against cybercrime.

This one day course provides a unique insight into both their own ethical social engineering assessments and malicious social engineering in the wild. Providing practical workshops, live demos to hone your attacking skills and teaching you the techniques needed to protect against social engineering attacks. Advanced Social Engineering aims to apply knowledge to a corporate scenario, giving security personnel the skills needed to implement a good level of social engineering defence within organisations.

Module 1 – Planning a Social Engineering Attack

Underlying techniques used by social engineers in the planning stages of an attack.

• Complex fraud scenarios and planning for a realistic attack Phishing / SMShing / Vishing
• Gathering credentials
• Mailbox exfiltration
• Wireless attacks and network auditing
• Dumpster diving
• Pretexting

Module 2 – The Attack and Physical Engagement

How to get past security measures and what happens next.

• Tailgaiting, Lockpicking and RFID cloning
• Using your pretext to gain entry
• Psychology techniques, impersonation
• Planting rogue network devices
• Level of access available
• Strong considerations to ethics and professionalism to avoid disruption
• Dealing with negative situations and reputational damage

Module 3 – Defence: what can an organisation do to defend against this?

• Practical tips and advice on implementation.
• A look to more advanced features of attacks, reducing focus on metrics and statistics.
• We share what we have learnt so you can protect your organisation against physical attacks

Module 4 – Looking Ahead

• 2020 Trends in social engineering and how the attacks will vary in the future