Social engineering is the manipulation of people to perform an action or release confidential information. It is also known as a’method attack’. This involves using persuasion and sometimes abuse of trust to obtain information that can be used to access unauthorized computers or information.
This technique can be used in many sectors of information security. It is independent of the platform, software, or computer system and uses, the most vulnerable element of any system, the person, to launch social engineering attacks. This technique is not limited to information technology. It exploits human weaknesses in the company’s physical or juridical area. Another definition of social engineering is: It is the art and science of tricking victims to obtain confidential information or information that could aid in an attack. This can be done in many ways, including social engineering.
Vishing: This is when the person initiating the attack uses a telephone system (it could be via VoIP) in order to gain access to the victim’s personal information.
– Phishing is a type of attack that tries to trick the victim into opening email attachments believing it is legitimate.
Spear Phishing is a similar attack to phishing but with a specific target such as a company or government agency.
Hoax: When spread in mass by dissemination vehicles, this lie may appear to be true. This can be done via social networks, e-mail, or TV.
Whaling is a technique that is very similar to spear phishing, but with more content and specificity than spear phishing. An e-mail sent to a call center manager in a complaint about a service is the best example of “whaling”. The email body will contain links to malicious sites that attempt to steal information from the victim.
Shoulder surfing: This is a method of social engineering where an individual provides confidential information to another person believing it to be normal.
It is possible to reveal it. The easiest way to leak information is by looking over the shoulder (shoulder surfing). This is the famous “spy” technique that allows you to see what the other person is doing.
Dumpster Diving: This is a method of social engineering that is the oldest and doesn’t require any technology. How many times have we thrown things in the trash that didn’t matter to us but were valuable to someone else? To ensure that the document is not used by anyone else, companies and some individuals use the “paper shredder”.
Tailgate: This attack often results from people being too kind. How many times have your doors been left open for someone who was coming in front of you? This is a matter of education in public places such as restaurants, cinemas, and other venues. However, it is not necessary for anyone else to enter those premises. If the reader card is used to validate the door opening, leaving it open for another person to enter can be fatal. This could be someone with malicious intent or who has just used the tailgate to enter the premises without permission. You should be polite and allow someone to come in with your next visit. Also, you might be violating company policy.
These are real examples of social engineering attacks
2017 Ethereum
After the hacking of the Ethereum Classic website in 2017, several people lost thousands in cryptocurrency. Soc
