Hi friends, here I am back with another article. This is just detailed introduction about Social Engineering. Here I will say how it takes place, and Prevention Method.
WHAT IS SOCIAL ENGINEERING?
Social Engineering refers to psychological manipulation of the people into either performing action or giving out confidential information.
TECHNIQUES:
Many attacker uses some common techniques to extract the information out. Some are..
1} Pretexting: is to create an invented scenario to engage a targeted victim wherein he would give out information or perform actions that would be unlikely in ordinary circumstances.
2} Diversion Theft: is exercised by Professionals thieves, or Black Hat Hackers, normally against a courier Company or Transport. The aim is to persuade the people responsible for a legitimate delivery that the consignment required elsewhere.
3} Phishing: a common method is used to get the information through fraud, or fake page and stores the confidential information.
4} IVR: also known as phone phishing uses a false interactive voice response (IVR) system to recreate a copy an IVR system.
5} Baiting: It is like a Trojan Horse which attacks the systems through Flash Drives or CD-ROM. When victim opens such affected malicious files, without knowing himself malware installs on his PC. They may be Key Loggers.
6} Quid pro quo: A advance method by which a social engineering occurs, in this attack, attacker pretends to be someone from the IT or different company and makes random calls asking if there is any issue, finally finding someone who needs help, attacker gets them to type commands giving access to the Hacker to launch his Malware.
SOCIAL NETWORKING:
Many are been social engineered using Social Networks. Attackers normally create a Fake Account with name of celebrities, or a Girl or reputed Organization. Then they target the victim start chatting with the victim, thus extracting out the Information. Such questions Like: What is your Favorite Movie, or Food, Place? What is your Mother or Father or Childhood Name? Also Alternate Emails and Phone Numbers. These questions are very important in recovering your Emails or Social Networking Sites Password in case you forgot them. And attacker will use the same Answer to change the Password of victim.
PREVENTION METHODS:
1} Don’t click on Links offering free or anything that you haven’t asked.
2} Don’t send sensitive information over the internet.
3} Delete the Emails that ask for Personal Information.
4} Don’t use real details when filling out surveys.
5} Identifying Phishing Emails: Requests for personal information, Fake Links, beware of the URLs that include the @ sign, Also some altered text or Links Like; www.microsoft.comcould appear instead as www.micosoft.com, Message body is an image.
6} Anti Phishing Toolbar: Anti Phishing software consists of programs that identifies the fake content on website or email attachments.
So, This is all about Social Engineering, Stay Tuned for Next articles. Any Doubt Contact me
Like My Page and Follow me on Facebook.
Hi, I'm Gaurav Thakur. I'm the proud owner of PahadiGeeks. I've interest in tech since childhood. So, I thought to why not share my knowledge with you guys. This gives birth to our blog, PahadiGeeks.com 
0 comments: