What is Social engineering?
In computer security, social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and often involves tricking and fooling other people to break normal security procedures. A social engineer runs what used to be called a "con game". For example, a person using social engineering to break into a computer network would try to gain the confidence of someone who is authorized to access the network in order to get them to reveal information that compromises the network's security. They might call the authorized employee with some kind of urgent problem; social engineers often rely on the natural helpfulness of people as well as on their weaknesses. Appeal to vanity, appeal to authority, and old-fashioned eavesdropping are typical social engineering techniques.
Another aspect of social engineering relies on people's inability to keep up with a culture that relies heavily on information technology. Social engineers rely on the fact that people are not aware of the value of the information they possess and are careless about protecting it. Frequently, social engineers will search dumpsters for valuable information, memorize access codes by looking over someone's shoulder (shoulder surfing), or take advantage of people's natural inclination to choose passwords that are meaningful to them but can be easily guessed. Security experts propose that as our culture becomes more dependent on information, social engineering will remain the greatest threat to any security system. Prevention includes educating people about the value of information, training them to protect it, and increasing people's awareness of how social engineers operate.
 |
| Social Engineering: how its done and how to remain safe |
Explaining with common example:
Such as a small example is this that i came across and email in my msn account. It was written in that email that your bank account will be deleted soon there is a lot of money in it. So, you click the link below to save it. However now i know that i don't have a bank account in any foreign country but what is it that often people become greedy and they do not know that it is a spam and scam. Ultimately on clicking link their session is hijacked or there passwords are stolen.
Another example is that you have often seen that emails come that you have won a prize money. Click the link below. and also sometimes you want to hack facebook acounts or paypal and you come across a software But i will say:
There is no software in this world to hack facebook or other acounts these are just programmed in VB or C++ to hack your own passwords.
So these are some of the examples of social engineering. and also hackers make videos and assure people that this software will hack hotmail,yahoo,gmail etc. But thats all fake.also if you receive email that your acount will be deleted then its also fake because there are terms and conditions to do things.
Further prevention:
Anti-Social-Engineering Tips & Tricks
|
Reason
|
Beware of people that call you on the phone and try to make you provide your personal information, passwords, and other sensitive information.
|
Always be skeptical if someone calls you on the phone and tries to get your personal information, your passwords, and other sensitive data. Always be skeptical and never give out any information to strangers.
Tell the people who are trying to get information from you that you need to confirm their claims first and then double-check by calling trusted parties.
More to the point, if a person who's claiming to be from your bank calls you and tries to get information from you, never give out anything. You should then call the bank and ask them if they called you to get information from you soon afterwards.
|
Never provide sensitive information via email.
|
If someone tries to get you to give out personal data, passwords, and other sensitive information via your email, don't do so. Always call back to the real source and confirm if such a request is needed.
If it is required, send your information via traditional mail so you know where it is being sent to (that is, you're sending it to the correct, official address of the trusted company).
|
Be skeptical of anyone that tries to get personal data, passwords, and other sensitive information from you.
|
Always be skeptical if anyone tries to get information from you. Normally, it is very rare for a company to make you give out any information, so you should never do so if you haven't checked the source first and are absolutely confident about it. It is your right not to give out any information unless it is under extreme circumstances.
|
If you need to track information about a person who tries to get information from you, then use the Penetrator or Portable Penetrator.
|
The Penetrator and Portable Penetrator can quickly retrieve a large amount of information about a person. By using this feature, you can get an overview of whether or not the person who's trying to make you reveal intimate details about your life is a legitimate official of a trusted company or organization.
Moreover, you can check out other sources over the worldwide web as well to see if the stranger you've encountered is a legitimate representative of a business connected to you or not.
|
If you receive an email saying that you have won something or please click this link otherwise your acount will be deleted then its fake donot click the link.
|
The hackers use this trick to spread there phishing pages and cookie stealing links to hack innocent people acounts and to use them for wrong purposes since these are registered at there names.
|
Would love to here from you...