THE CONCEPT OF SOCIAL ENGINEERING Part One || Because there is no patch for human stupidity

Social Engineering...

Social engineering is simple the art of using your technique or charms to gather information from someone or manipulating someone to give up vital information. Social Engineering is a very vast term and i will be breaking it down as time goes by in different articles but as for today, we shall focus on social engineering and types

sc.png IMG SRC

Most often, Attackers uses human interaction to compromise or obtain specific information and the information which these attackers usually want may differ, but when people are targeted the attackers are simple trying to trick you into giving them information which can be use against you at the end. They can trick into giving up your passwords, or banking information or access your personal computer to secretly install a Trojan that is going to give them access to information stored in the computer. These attackers are usually respectable people and or may be very close people which you would never expect.

Attackers use this technique because it is usually the simplest way to exploit once inclination of trust than writing lines of codes finding ways to hack your software of PC. You would agree with me that it is very simple to play with someones mind, and convince that person to give up his password to you than it is when you are trying to hack the password ( except the password is weak ).

Generally, to be secured rotates around knowing who, what and when to trust. It is very important to know when to take a person for their words as well as when not to take someone for their words, and to know if the person you are talking with is really who they claim to be. This same principle goes with websites. If the website your are using is legit for you to provide your personal information.

What Does Social Engineering Attack Look Like??

Using fake stories or pretext.

I remember one time, a friend of mine got to me saying his facebook page has been hacked and the hackers are using unpleasing stories to get money or make his contact send money to them. The hackers where like telling his contact that his mom is sick and needs immediate medical attention . If they can lend some money for him to take his mom to the hospital, he is going to pay back.

In the above scenario, the new is fake and since the attackers had manage to get access to his account, they are now trying to social engineer their way to get money from his contact.

Using phishing techniques.

This method is simple when the attacker or phisher sends a message, text, or even email which appears to be legit and obviously comes from legit source, trying to get your personal information.

In my next post, id continue sharing the different types of social engineering and ways you can prevent or protect yourself from such attack. See you around, @saxopedia.

Future reading