Methods of social engineering today

An attack on an inexperienced Internet user can follow many different scenarios.

Attackers use such human feelings as inattention, curiosity, greed, and credulity, “play” on the qualities of the interlocutor’s character or lack of professional knowledge. Let’s talk about the most common types of social engineering.

Phishing

One of the main methods of social engineering – phishing – is to create a mass Internet mailing allegedly on behalf of a well-known organization. In the classic phishing scheme, the user receives an email with a “reasonable” request to follow a link to a fictitious site for authorization. The letter may ask you to change your password or provide your bank card details. The victim of fraud does not understand what is falling on the phishing resource and provides the requested information.

Trojan

This technique involves hacking into a victim’s computer. The essence is as follows: the mail receives a letter with an offer to receive additional income, winnings, compromising information on a colleague, antivirus updates, or other “bait”. By downloading the program, the user infects his device with a virus that can collect or modify available information. The file is carefully disguised, so not everyone can recognize a fake: that is why the “Trojan horse” is considered one of the methods of social engineering.

Qui about quo

This method got its name from the Latin phrase “quid pro quo”, which means “service for service”. The criminal’s algorithm is as follows: he calls the user, introduces himself as a technical support officer, and reports software failures. Of course, there are no problems, but a gullible person tries to help and follows the instructions of the attacker, thus providing access to important information.

Pretexting

Another method of social engineering. Pretexting is an action performed according to a pre-compiled algorithm. To obtain the necessary data, the social hacker pretends to be a person known to the potential victim. Attackers call citizens and are represented by employees of credit and financial organizations, call centers, or technical support. To build trust, fraudsters tell the other personal information about him or her (such as last name, position, date of birth) or projects he or she is working on. Sometimes a hacker pretends to be an acquaintance or family member and asks you to quickly transfer funds to a specified account.

Reverse social engineering

This type of attack is aimed at creating a situation where the victim turns to the scammer. Usually, criminals achieve their goal in two ways: by advertising their own “services” or by installing malware.

Introduction of special software

The cybercrime scheme is designed to get the user to contact them. Initially, the installed program works “like clockwork”, but over time, problems occur. By performing the actions specified by fraudsters, a person provides access to their data. And when the fact of information leakage is revealed, the perpetrator remains unsuspecting, because, according to the victim, he was simply providing assistance and doing his job.

Another example of using social engineering techniques is that dialog boxes may appear on your device notifying you of a failure or need to update. Unaware of the fraud, the user follows a link in a dialog box or downloads a “new version” of the program, thereby installing a malicious file on their computer.

Advertising

Most often, when looking for a master, we rely on our own intuition and can not always objectively evaluate the work of a technical specialist. This is used by criminals: by advertising services, they create a situation where the potential victim is forced to turn to them. Under the guise of repairing or restoring Windows, a scammer may install a virus file or gain access to sensitive information. If a hacker has the makings of a psychologist, he can easily extract the necessary data in the communication process.

Related Posts

Sweatcoin: how to turn steps into a crypt for free

Sweatcoin, a London-based software firm, intends to motivate people to exercise more and create SWEAT, a move-to-earn token, in order to help the world recover. Sweatcoin’s goal…

Nissan and Mitsubishi will jointly release an electric car

Nissan and Mitsubishi have announced a new general-purpose kayak with an all-electric powertrain. The premiere of the novelty is scheduled for May 20. The train will be…

Huawei sales fall for six consecutive quarters

Huawei Technologies’ sales in the first quarter of 2022 were 131 billion yuan. The Chinese company’s sales have been declining over the past six quarters. Huawei’s net…

There’s a new way to install Windows 11

Microsoft released a physical media version of the Windows 11 operating system in a package containing a flash drive. A new installation method has emerged, according to…

The main signs of an attack with the help of social engineering

You are quietly working at the computer, and suddenly a letter arrives in the mail with a message from the employees of a company you know. How…

Social engineering today

Social engineering is a phenomenon that can be resisted if you follow simple rules and stay vigilant. “Hi, there! Can you please put money on the card…

Leave a Reply

Your email address will not be published.