Social engineering is a non-technical strategy that cyber attackers use, and it relies heavily on human interaction. Attackers want to extract information and to get into people’s accounts, credit cards, and other things. An attacker can end up convincing a person to hand over the information he needs by deceiving them.
The success of social engineering techniques depends on attackers’ ability to manipulate victims into performing certain actions or providing confidential information.
For example, even a friend sitting next to you and watching your keyboard while you type your password is a form of social engineering.
Types of Social Engineering
1) Phishing Scams:
Phishing scams might be the most common type of social engineering attack used today. They typically:
- Seek to obtain personal information, such as names, addresses and social security numbers.
- Use link shorteners or embedded links, in URLs that appear legitimate, that redirect users to suspicious websites.
Phishing messages oftentimes exhibit spelling and grammar errors, but these emails are no less focused on directing victims to a fake website.
2) Spear Phishing:
Spear phishing requires extra effort on the attackers’ part. They need to pay attention to the degree of uniqueness of their messages for the limited number of users they target. The chances of users falling for the false emails are considerably greater in the case of spear phishing.
3) Pretexting:
Pretexting is based on a scripted scenario presented to the targets and used to extract some other information. You might have seen it in various TV shows, movies and YouTube videos, where detectives use this technique to get into places and extract information by tricking people. It can also take the form of fake emails that appear to come from distant friends in need of money.
4) Baiting:
Baiting attacks are not restricted to online schemes, either. Attackers can also focus on exploiting human curiosity via the use of physical media. Baiters may offer users free music or movie downloads, if they surrender their login credentials to a certain site.
For example, to assess the security of a financial client, Steve and his team infected dozens of USB drives with a Trojan virus. Many of the client’s employees picked up the USB drives and plugged them into their computers, which activated a keylogger and gave Steve access to a number of employees’ login credentials.
5) Quid Pro Quo:
Quid pro quo involves a hacker requesting critical data or login credentials in exchange for a service. For example, a hacker posing as a researcher asks for access to the company’s network as part of an experiment in exchange for $100. If an offer sounds too good to be true, it probably is quid pro quo.
Protecting Against Social Engineering Attacks
Defending against social engineering is essential for ensuring corporate cyber security. To protect against social engineering, schools and employees should have the awareness not to open mail from unknown sources. All company desktops, laptops and mobile devices should automatically lock when left idle for longer than 5 minutes. By leveraging a solid backup and recovery solution, everyone can rest easy.