Social Engineering Attack

Social Engineering Attack
Social Engineering is an act of psychological manipulation of people into performing some actions or disclosing confidential information. It is one of the most popular and threatful attack in the cyber world. It is known as the threatful because, in social engineering attacks, cybercriminals do not look for the vulnerability within the system. Instead, they manipulate or trick the people(either victim or system administrations or both) to divulge confidential information. And with the help of such confidential information, they can have unauthorized access to the system.

How Social Engineering Attack Works?

In a typical social engineering attack, cybercriminals communicate with the targeted victim directly or indirectly pretending their trustworthy and divulging the information from them. If this psychological manipulation works, then the cybercriminals can further manipulate victims to perform some actions such as filling some forms which consist of some credential information such as credit card details, passwords, pins, etc...

Let us understand it through an example:
Alex got a mail to join a free webinar of his interested topic free of cost by clicking on a link and signing up there. Excitedly Alex clicks on that malicious link and uses the login with the Facebook option in that link. After clicking on it, an interface opens up as same as the Facebook login interface, and here Alex without verifying the source of that mail, he fills up his email and password of the Facebook account and which eventually got his Facebook account compromised by the cybercriminal who sent the mail and created this whole fake scenario in order to trick Alex and get his Facebook account's email and password.

Popular Method/Techniques Of Social Engineering Attack

  • Phising
  • Vishing
  • Baiting
  • Physical Social Engineering
  • Diversion Theft
  • Scarewar

Preventions From Social Engineeriiing Attack

  • Set your spam filters to high.
  • Do not open mails and attachments from suspicious source.
  • Beaware before downloading any software from unknown sources.
  • Use two-factor authentications for strengthing security level of your accounts but don't reveal these thiings to anyone.
  • Research the fact before taking any actions.
Anonsagar Founder of Tritech and creator of "Anonsagar Cyber " blog that you are currently previewing. Through this blog and youtubechannel, my attempt is to teach basics and those coding techniques to people in short time which took me ages to learn. 6 min read