What is: Social Engineering

IT Consultancy & Repairs, located in Crewe, servicing Cheshire and surrounding areas.

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. This differs from social engineering within the social sciences, which does not concern the divulging of confidential information.

In many ways, this is similar to phishing. Criminals will use your own social media to manipulate you into divulging information. They could, for example, pose as a work colleague and ask you to add them to your network. That way they can ask you questions about work, login details, etc.

How Does Social Engineering Work?

Most social engineering attacks rely on actual communication between attackers and victims. The attacker tends to motivate the user into compromising themselves, rather than using brute-force methods to breach the user's data.

The attack cycle gives these criminals a reliable process for deceiving you. Steps for the social engineering attack cycle are usually as follows:

  1. Prepare by gathering background information on you or a larger group you are a part of.
  2. Infiltrate by establishing a relationship or initiating an interaction, starting by building trust.
  3. Exploit the victim once trust and a weakness are established to advance the attack.
  4. Disengage once the user has taken the desired action.

This process can take place in a single email or over months in a series of social media chats. It could even be a face-to-face interaction. But it ultimately concludes with an action you take, like sharing your information or exposing yourself to malware.

It’s important to beware of social engineering as a means of confusion. Many employees and consumers don’t realize that just a few pieces of information can give hackers access to multiple networks and accounts.

By masquerading as legitimate users to IT support personnel, they grab your private details — like name, date of birth or address. From there, it’s a simple matter to reset passwords and gain almost unlimited access. They can steal money, disperse social engineering malware, and more.

You can read more information about social engineering by following this link: Kaspersky Resource