Social engineering is the art of manipulating another into volunteering confidential information. Criminals typically trick victims into forking over passwords and bank details. Some will attempt to gain hardware access in order to install malicious software that will grant control of the machine and access to valuable information.
Social engineering tactics are designed to exploit the human inclination to trust others, especially those in positions of responsibility. Tricking someone into handing over confidential information, such as a password or account details requires a different set of tools, less technical and more interpersonal communication skills. Hacking a password is notably more difficult than convincing a victim to hand over their password. Criminals will usually make contact via email or over the phone, although the most daring may approach in person.
Being concerned with hi tech, sophisticated hacking is important and will become increasingly so as the internet grows to play a greater role in daily life but it is important to guard against all attempts by criminals to fraudulently acquire personal (and profitable) information.
The case of nine criminals who were arrested in the UK over an alleged $90 million fraud targeting business banking customers should act as a timely reminder of the danger of low tech, social engineering hacking schemes.
The gang posed as bank employees to trick their victims into handing over confidential information over the phone. Using a preexisting trusted relationship to manipulate a victim into handing over data speaks to the essence of social engineering.
The recent TalkTalk fiasco is another example of the threat posed by criminals and their social engineering exploits. Following the data breach, the company has since admitted that over 1 million customer names, emails and phone numbers were ceded to the hackers; over 20,000 bank account numbers and sort codes.
The updated admission from TalkTalk followed customers' claims that their details had been used to initiate phone calls from scammers to gain banking details and join them with names, addresses and DOBs of customers. Some customers have claimed to have lost their entire life savings as a result of subsequent 'phishing' phone calls, having provided thieves masquerading as TalkTalk employees their full bank details.
Readers are advised to be wary of any unsolicited communication and to avoid making rushed decisions based on the pressure techniques used by scammers.
![](https://buffer.com/add?url=https://afritechnet.blogspot.com/2015/10/what-is-social-engineering.html&picture=https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPz9uKpLrtKVN09r7PZ-OBNZzUUzOxmSBzNvGtS-rU5w1ib2D7BlhwCjisAq-bRU3rW4GxCb7nqoaQcCtEt8SbSFk1wdIfLFXAkLqMYsm0CiA84o8LXtnVmPUYWEUwS9Bih64dljbsNRml/s72-c/social_engineering_tutorial_thumbnail_by_shadowzknowledge-d66ihbj.jpg&text=What is "Social Engineering"?&via=stc_network)
0 comments:
Post a Comment