الوسوم: social engineering attacks
- أبريل 14, 2019 الساعة 22:21 #2715
You don’t always have to be a hacker to qualify as a cybercriminal. There are a lot of ways people disrupt cyber security without using complex hacking software.
A good example is social engineering.
What is Social Engineering?
Social engineering is a type of cybercrime that is largely centered on deceit. Social engineers use carefully designed tricks to dupe people into willingly providing important information. Unlike hackers who forcefully break security barriers and steal information, social engineers use sly methods to trick people into thinking that they are credible entities.
Social engineering is a lot like targeted marketing. Social engineers understand your online tendencies and emotional reaction to products and services then capitalize on them to up their credibility.
For example if they know which online retailer you like buying from, they may sent you fake offers claiming to be from your retailer. To access those offers, you might be required to provide some vital information. Alternatively you might be provided with a link which when clicked on will install a virus or malware in your computer which can then be used to access personal information.
There are 6 very common types of social engineering attacks.
Types of social engineering attacks
Like the name suggests, this type of social engineering is all about using baits to trick victims. In other words, the scammer will arouse your curiosity and entice you into taking a desired action.
If you know about cybercrimes, then phishing needs no introduction. This is the most common type of social engineering attacks which is still very popular and successful despite a lot of people knowing about it.
Email and text messages are the most common platforms used to effect phishing attacks. You will get a message requiring you to send some kind of information which can then be used to commit a cybercrime.
For example, you might receive an email claiming to be from your bank requiring you to click on a given link. When you do, you might end losing some very vital information to the wrong people.
3. Email hacking and contact spamming
If you get an email from someone you know, it is very unlikely that you will ignore it. But what if your account got hacked and then the hacker sends messages to your contacts requiring them to send some kind of information?
Chances are, they will. What follows is that the hacker will have a ton of information which he can use to commit unthinkable cybercrimes.
Pretexting is all about attracting the victim’s attention and then keeping them hooked after which you will ask them for some information.
The most common of this social engineering attack is something am sure most of us have experienced. Tell me if this sounds familiar.
You receive a message from an unknown source claiming that you are the chosen beneficiary of some will. You get a long narrative of how you were chosen and to verify your entity, the bank or whatever needs some personal info from you.
Since you are very curious and don’t want to miss a lifetime opportunity, you go ahead and provide the information. The next thing you know, you are victim to a con artist.
5. Quid pro quo
Fraudsters are using every means to come across as being genuine. In quid pro quo, the scammer will ask for your information in exchange for something good. They basically make it look like it’s some kind of a fair exchange.
A good example is when you are the employee of a company and you receive a call from an alleged IT technician who needs your login credentials in order to fix something in your computer. Once you provide them, the fraudster will use your computer to access and steal important company information.
Vishing is basically the same thing as phishing. The difference is that in phishing, the scammers use emails and text messages while in vishing they use voice means such as a phone call.
The example we can gave in number 5 is also a good example for a vishing attack.
How to Protect Yourself from Social Engineering
1. Don’t rush. Social engineers thrive on their targets taking impulsive action. That is why it is important that you pause for a moment and try to analyze that message or phone call. If the request sounds fishy you should back off immediately
2. Verify the source. Social engineers will do anything to make themselves appear legitimate. However, things don’t always come from where they claim to come from. If you receive a message from your ‘bank’ you should consider verifying its authenticity before taking any action. Everything you receive via text or email should be treated with suspicion until you can verify its source. You will be surprised how much scam you can avoid this way.
3. Avoid deals that are too good to be true- The likelihood that some random stranger will pick you to inherit their fortune is almost non-existent. If you cannot ignore such requests on first contact, you should try to investigate and find who really is behind them. There is a high probability that they are coming from a veteran con artist.
4. Install an antivirus software or a security suite – The best way to prepare for the social engineering attackers is to ensure that your antivirus software and operating system is latest and top-notch. If your computer or other devices are attacked you stand a chance of a quicker recovery if you have the latest antivirus software. You can also set your OS to update automatically so that you are always safe in case of a security threat.
5. Update your email software. Most email programs such as Gmail can seamlessly filter spam emails so that you never have to see them. This can help you avoid a lot of security problems since you won’t be tempted to take action. As soon as you get a notification to update your email software, you should do so without delay.
Understanding how social engineers operate is crucial to protecting yourself both online and offline. You should always be on the lookout for fraudsters looking to reap from your sweat.
أبريل 15, 2019 الساعة 11:34 #2741
- هذا الموضوع تم تعديله في الآن بواسطة Nika Gigolashvili.
very enjoyable topic.
specially the social engineering part as its widely used now days because people just made it easy by posting lots of personal info in the web.أبريل 15, 2019 الساعة 12:03 #2742
We have to think about everything we have to do nowadays. One wrong move can ruin our life, by losing money or even giving them an access to our daily life which is worse than losing money. Some kids are being blackmailed because the wrong way of using the internet.
Always learn how to be safe.
أبريل 30, 2019 الساعة 13:17 #2880
- تمّ تحرير هذا الرد قبل الآن بواسطة OmarAltamimi.
It’s been featured on our medium: https://medium.com/@cybersecurecentral/types-of-social-engineering-attacks-and-how-to-protect-yourself-from-our-forums-f544c358ca23نوفمبر 11, 2019 الساعة 18:51 #5978
I cannot begin to recount the number of times I have been spanned by Nigerian “Businessmen”, A.K.A con-artists promising me blocks of solid gold or transfers of millions of dollars, hahaha. But in all seriousness, great article, as it sheds light on the different types of ways that attacks can be carried out.نوفمبر 17, 2019 الساعة 01:23 #6010
A very realistic, useful and informative guide in a day and age where such information is indispensable. As we continue to move forward with modernisation and technological advancement, we are becoming more and more prone to social engineering attacks, a term that sadly far too many are not even aware of. The key is to be informed, and to continue to seek to update that information. That article does a great job in that regard.نوفمبر 18, 2019 الساعة 19:57 #6068
Absolutely spectacular article. I myself have been the victim of social engineering, even though I don’t much like the use of the word victim, and I believe that anyone in the world with a Facebook account also shares in my victimhood, as Facebook gained some notoriety for its social engineering tactics. That is why we must all ready ourselves with the proper knowledge to combat this phenomenon, and this article does precisely that. Great read.نوفمبر 20, 2019 الساعة 02:12 #6092
Social Engineering has proven to be very effectives. Governments and large corporations employ social engineering techniques to benefit themselves and their private agendas every day. The only way a regular citizen can parry the effects is by being educated on how it is done and how to combat it. Great article.
- You must be logged in to reply to this topic.