Social engineering is as old as fraud itself. To use it, nothing more is ne than some knowlge about the person we want to “get” and a little cunning. Social engineering is an attractive topic for filmmakers, writers, and consumers alike, who are happy to like a smart and likable villain who uses his magic to conquer unpleasant bankers and corporations, only to “burn the pond” so to speak.
However, social engineering ceases
Such an attractive topic the moment it touches us ourselves. The moment it is our pond that someone on the other side of the net successfully tries to burn. (Of course, it doesn’t have to be only Internet “attacks”, social engineering can be us very easily with the right information and face-to-face, but that’s not what this article is about.)
One of the most famous social engineers is Kevin Mitnick , who in his youth learn phreaking (hacking into telephone networks) and psychological manipulation of people , which he us mainly for his own amusement. But soon he start using his abilities to get into the networks of big companies (IBM, Motorola, Nokia…) and to escape from the FBI.
However, he ultimately fail to avoid the hands of justice and was sentenc to five years in prison and bann from using all communication devices except landlines. He was releas from prison in 2000 and shortly thereafter publish italy phone number data a book on social engineering call The Art of Deception . Today, Mitnick is one of the leading experts on Internet security.
However, as already mention at the beginning of the article, the beginnings of social engineering go much deeper into history, but we prefer to look at that side of it that is waiting for us in every corner of the Internet.
Types of cyberattacks using social engineering
Most of us these days don’t get caught up in an email about a distant uncle who di and bequeath us a stunning inheritance.
Spam email
But even smart attackers know that. Yes, similar e-mails probably won’t just disappear from the face of the earth. They’re easy, cheap, and there’s always hope that someone will pick up on them. This type of attack is call phishing, and we’ll get to it in more detail in a moment.
Baiting – “bait” means “bait”. In this type of attack, the criminal offers the user something that simply cannot be resist. It can be a crack for the latest game, or “super-sexy-photos-of-your-neighbors.zip”. Just anything that entices you to click and download a file. The “more decent” malware that you download in this way will at least deliver the product that you were originally lur to, along with the virus, but that is more of an exception.
Pretexting – a popular method of obtaining information, in which the attacker skillfully mixes the truth with lies in order to gain your trust and with it the data they desire. In this social engineering technique, the attacker often pretends to be, for neural network for creating presentations: top 10 tools for business example, a colleague, an official, or a representative of a company you usually deal with.
A typical case of pretexting was recently describ on the Mium.com blogging platform by Eric Springler . An attacker impersonating him using freely available information obtain a large amount of sensitive data from Amazon’s customer support.
Phishing – the most well-known and already mention social engineering technique that most of us have come cz lists across is phishing. Phishing typically involves an attacker trying to gain access to online banking or other.