Social Engineering: An Introduction


Social engineering is a word used to encompass a broad range of malevolent activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.

Social engineering attacks happen in one or more steps. A perpetrator first studies the intended victim to gather essential background information, such as possible points of entry and weak security protocols, needed to advance with the attack. Then, the attacker moves to gain the victim’s trust and offer stimuli for consequent actions that break security practices, such as revealing delicate information or giving away access to critical resources.
What makes social engineering dangerous is that it depends on human error, rather than weaknesses in software and operating systems. Mistakes made by genuine users are much less predictable, making them harder to identify and thwart than a malware-based intrusion.
Social engineering attacks come in many different forms and can be performed anywhere where human interaction is involved. The following are the five most common forms of digital social engineering assaults. Let’s take a look all the techniques that are used to achieve malevolent interests.
Baiting
As its name implies, baiting attacks use a false promise to pique a victim’s greed or curiosity. They lure users into a trap that steals their personal information or inflicts their systems with malware.
Scareware
Scareware involves victims being bombarded with false alarms and fictitious threats. Users are deceived to think their system is infested with malware, encouraging them to install software that has no real benefit (other than for the perpetrator) or is malware itself. Scareware is also referred to as deception software, rogue scanner software and fraudware.
Pretexting
Here an attacker obtains information through a series of cleverly crafted lies. The scam is often initiated by a perpetrator pretending to need sensitive information from a victim to perform a critical task.
Phishing
As one of the most popular social engineering attack types, phishing scams are email and text message campaigns aimed at creating a sense of urgency, curiosity or fear in victims. It then prods them into revealing sensitive information, clicking on links to malicious websites, or opening attachments that contain malware.
Spear phishing
This is a more targeted version of the phishing scam whereby an attacker chooses specific individuals or enterprises. They then tailor their messages based on characteristics, job positions, and contacts fitting to their victims to make their attack less conspicuous. Spear phishing requires much more effort on behalf of the perpetrator and may take weeks and months to pull off. They’re much harder to detect and have better success rates if done skillfully.Mal
In tomorrow’s post we will discuss cryptocurrencies and social engineering so stay tuned.








Comments

Post a Comment

Popular posts from this blog

What is Mimblewimble?

Image
Tested for decades, Mimblewimble uses elliptic-curve cryptography that requires smaller keys than other cryptography types. In a network that is using the Mimblewimble protocol, there are no addresses on the blockchain, and the network’s data storage is highly efficient. Mimblewimble needs about 10% of the data storage requirements of the Bitcoin network. This makes Mimblewimble highly scalable for storing the blockchain , significantly faster, and less centralized. Furthermore, the nature of the protocol allows for private transactions that are highly anonymous (more about this later). The birth of Mimblewimble Rejoice, Harry Potter fans! Another reference is coming from the movie fan world. The Mimblewimble Whitepaper   was first published on July 2016 in the Bitcoin research channel under the anonymous author name of Tom Elvis Judisor – the French name for Voldemort. Soon after the whitepaper was published – at the end of 2016 -, another anonymous user wit...
Read more

Use XcelToken Plus and visit great Nordic Fintech conference in Copenhagen!

Image
XcelToken Plus is adopted into usage on XcelTrip - an online travel booking platform where you can check-in at over 800,000 hotels and book tickets with over 400 airlines. But also XcelTrip has special offer for Blockchain & Crypto Influencers around the world. Book COPENHAGEN FINTECH WEEK 2019 Event via XcelTrip, just select the Departure airport Kastrup or Roskilde and Date of travel using XcelToken Plus. This year, Copenhagen FinTech Week welcomes more than 1000 attendees from all continents. Great opportunity to take part in sharing insights with the 60+ international Blockchain speakers gathered from over 15 different countries, to join keynotes and panels tackling hot Tech topics. Immerse yourself in the networking sessions and workshops which crafted for you, meet fantastic fintech startups showcasing and pitching on stage. The Copenhagen FinTech Week 2019 will be home to the brightest fintech minds from all over the world. Get the chance to network, exchang...
Read more

5 Things You Must Know About Croatian Culture

Image
Culture is everything in the Balkans. Croatian culture gets drummed into young people from an early age, an obvious hangover of centuries of occupation and having to fight for national existence. There is plenty to love in the culture, however, especially if you’re into red-and-white checkerboards. What makes the Croats stand out from the pack? In a part of the world where languages intertwine, and much of history is shared, it is culture that separates the Croats from their Slavic brethren. Here are the 5 things you must know about Croatian Culture before vacationing there: Red-and-white checkered everything If there is one thing that is synonymous with Croatia, it is the distinct red-and-white checkerboard design that is ubiquitous here. Whether it is adorning the jerseys of national sports teams, the faces of supporters or practically every flag in the country, there is nothing more Croatian than what the local people call the šahovnica (chessboard). The šahovnica has been ...
Read more