Concientización en técnicas de anti phishing al personal administrativo de Universidad Nacional de Loja, mediante el uso de la herramienta GoPhish.
Over the years, the Internet has evolved, becoming the largest network in the world, where the largest amount of information can be found. Simultaneously, cyber-attacks on computer systems are also evolving, using countless techniques, including social engineering, which is based on identity theft a...
Uloženo v:
| Hlavní autor: | |
|---|---|
| Médium: | masterThesis |
| Jazyk: | spa |
| Vydáno: |
2023
|
| Témata: | |
| On-line přístup: | https://dspace.unl.edu.ec/jspui/handle/123456789/26984 |
| Tagy: |
Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
|
Přidat tag | Shrnutí: | Over the years, the Internet has evolved, becoming the largest network in the world, where the largest amount of information can be found. Simultaneously, cyber-attacks on computer systems are also evolving, using countless techniques, including social engineering, which is based on identity theft and deception (Phishing), which puts the information of public and private institutions at risk, threatening the confidentiality, integrity and availability of information. The objective of this research is to contribute to the improvement of information security at the Universidad Nacional de Loja, specifically regarding the prevention of social engineering attacks known as Phishing. To achieve this, it will be necessary to implement an ethical simulation campaign of a social engineering attack called Phishing, directed towards the administrative staff of the institution. This will be carried out through the institutional emails of the administrative staff, using the GoPhish tool, which allows recreating a simulation environment of social engineering attacks such as Phishing, with the aim of assessing the level of knowledge of the administrative staff regarding Phishing attacks. Results of the simulation will be collected and stored, identifying the number of people who were victims of the cyberattack simulation, which will be shared with the Technology Department (DTI) personnel. This will enable them to implement subsequent campaigns on the prevention of cyber-attacks under this modality. Finally, administrative staff at Universidad Nacional de Loja who were victims of the Phishing attack simulation will be trained, explaining the causes and consequences of being victims of this type of attack, and how to remain vigilant and prevent the theft of confidential information belonging to both the staff and the institution they work for. Keywords: Phishing, Information Security, Social Engineering, GoPhish, Simulation, Cyber-Attack. |
|---|