The human mind is not immune from hacking. Social engineering is the art of tricking users into performing certain harmful activities or revealing confidential information to attackers. Knowing the tricks used by hackers to trick users into releasing vital login information among others is fundamental in protecting computer systems.
In this article, we will introduce you to the common social engineering techniques and how you can come up with security measures to counter them.
What is social engineering?
Social engineering is the art of manipulating users of a computing system into revealing confidential information that can be used to gain un-authorized access to a computer system. The term can also include activities such as exploiting human kindness, greed and curiosity to gain access to restricted access buildings or getting the users to installing backdoor software.
- Gather Information: This is the first stage, we learn as much as we can about the intended victim. The information is gathered from company web sites, other publications and sometimes by talking to the users of the target system.
- Plan Attack: The attackers outline how he/she intends to execute the attack.
- Acquire Tools: These include computer programs that an attacker will use when lunching the attack.
- Attack: Exploit the weaknesses in the target system.
- Use acquired knowledge: Information gathered during the social engineering tactics such as pet names, birth-dates of the organization founders, etc is used in attacks such has password guessing.