If we talk about old days, a hacker often rely on the natural helpfulness as well as weakness of people whom he wanted to target. This tactic to break into computer network by gaining by the confidence of an authorized user and get them to reveal information that compromises the network’s security is known as Social Engineering.
What is Social Engineering??
It is nothing but a non-technical kind of intrusion that relies heavily on human interaction and involves manipulating people so they give up confidential information.
How can it be used?
Social Engineering was very effective those old days as well as today, as major targets are made victims using this trick only and it is also one of the important components of many types of exploits like:
1. Virus writers use social engineering tactics to persuade people to run malicious email attachments.
2. Phishers use social engineering tactics to convince people to disclose their sensitive information such as banking credentials and passwords.
3. Scareware vendors use social engineering to frighten people into running software that is useless at best and dangerous at worst.
Security experts suggest that as our culture becomes more dependent on information, social engineering will remain the greatest threat to any security system. Prevention includes educating people about the value of information, training them to protect it, and the major part is, increasing people’s awareness on how social engineering operate.
Any Resources?
Christopher James Hadnagy, the President and Chief Human Hacker of Social-Engineer, Inc., wrote an absolute book on social engineering titled, Social Engineering: The Art of Human Hacking in which he detailed the entire lifecycle of social engineering and almost everything you needed to know about it.
Christopher is an American security consultant, author, and professional social engineer who has spent his 16 years in security and technology, specializing in understanding the ways in which malicious attakers are able to exploit human weaknesses to obtain access to information and resources through manipulation and deceit.

0 comments:
Post a Comment