Methods of social engineering today

An attack on an inexperienced Internet user can follow many different scenarios.

Attackers use such human feelings as inattention, curiosity, greed, and credulity, “play” on the qualities of the interlocutor’s character or lack of professional knowledge. Let’s talk about the most common types of social engineering.

Phishing

One of the main methods of social engineering – phishing – is to create a mass Internet mailing allegedly on behalf of a well-known organization. In the classic phishing scheme, the user receives an email with a “reasonable” request to follow a link to a fictitious site for authorization. The letter may ask you to change your password or provide your bank card details. The victim of fraud does not understand what is falling on the phishing resource and provides the requested information.

Trojan

This technique involves hacking into a victim’s computer. The essence is as follows: the mail receives a letter with an offer to receive additional income, winnings, compromising information on a colleague, antivirus updates, or other “bait”. By downloading the program, the user infects his device with a virus that can collect or modify available information. The file is carefully disguised, so not everyone can recognize a fake: that is why the “Trojan horse” is considered one of the methods of social engineering.

Qui about quo

This method got its name from the Latin phrase “quid pro quo”, which means “service for service”. The criminal’s algorithm is as follows: he calls the user, introduces himself as a technical support officer, and reports software failures. Of course, there are no problems, but a gullible person tries to help and follows the instructions of the attacker, thus providing access to important information.

Pretexting

Another method of social engineering. Pretexting is an action performed according to a pre-compiled algorithm. To obtain the necessary data, the social hacker pretends to be a person known to the potential victim. Attackers call citizens and are represented by employees of credit and financial organizations, call centers, or technical support. To build trust, fraudsters tell the other personal information about him or her (such as last name, position, date of birth) or projects he or she is working on. Sometimes a hacker pretends to be an acquaintance or family member and asks you to quickly transfer funds to a specified account.

Reverse social engineering

This type of attack is aimed at creating a situation where the victim turns to the scammer. Usually, criminals achieve their goal in two ways: by advertising their own “services” or by installing malware.

Introduction of special software

The cybercrime scheme is designed to get the user to contact them. Initially, the installed program works “like clockwork”, but over time, problems occur. By performing the actions specified by fraudsters, a person provides access to their data. And when the fact of information leakage is revealed, the perpetrator remains unsuspecting, because, according to the victim, he was simply providing assistance and doing his job.

Another example of using social engineering techniques is that dialog boxes may appear on your device notifying you of a failure or need to update. Unaware of the fraud, the user follows a link in a dialog box or downloads a “new version” of the program, thereby installing a malicious file on their computer.

Advertising

Most often, when looking for a master, we rely on our own intuition and can not always objectively evaluate the work of a technical specialist. This is used by criminals: by advertising services, they create a situation where the potential victim is forced to turn to them. Under the guise of repairing or restoring Windows, a scammer may install a virus file or gain access to sensitive information. If a hacker has the makings of a psychologist, he can easily extract the necessary data in the communication process.

Related Posts

Google recommends updating your Chrome browser

At the end of last week, an urgent update of the Google Chrome browser was released, designed to eliminate a zero-day vulnerability – this is the class…

iPhone 14 Pro was shown in photos and videos

The presentation of the iPhone 14 Pro will take place, most likely, on September 7. Meanwhile, more and more information about the gadget dreamed of by many…

Lenovo Legion Y70 is officially presented

The Lenovo company officially presented its first smartphone on the flagship Qualcomm Snapdragon 8 Plus Gen 1 platform – it was the new gaming Lenovo Legion Y70….

The new low-cost iPad has been put into mass production

ITsider previously reported that the new iPad Pro 2022 with a notch will be equipped with the Apple M2 chipset. And today it became known that Apple…

Vivo Y35 is officially presented

The company Vivo without loud announcements presented a new affordable smartphone Vivo Y35. The model received 44W FlashCharge fast charging (most similar solutions, it should be noted,…

Poco M4 5G is presented on the international market

The Poco company presented the M4 5G model on the international market. We will remind you that the model was presented on the Indian market in April….

Leave a Reply

Your email address will not be published.