Contents:
1. Introduction to Social Engineering
2. Examples of Social Engineering
3. Methods of Social Engineering
4. Advantage of Social Engineering
5. Are You a Social Engineer?
6. Final Thoughts
1. Introduction to Social Engineering
Before I get into the World of Social Engineering, please keep in mind that this guide was made for, but not limited to, beginners. So with that in mind, let’s get this show on the road! So what exactly is social engineering? I’m sure this question has been asked a million times, you’re probably even asking yourself this now! To cut around the BS and throw away the leftovers, social engineering is the act of manipulating people into revealing information or tricking the victim to performing actions that are beneficial to the user. That’s it! To put it in simpler terms; ever trick someone into doing something dumb, or told a lie to get someone to tell you something, or even get your friend to lie for you to get “something” out of it? That’s social engineering my friends! It’s that simple, and anyone can do it, even the weird kid in your class that’s deaf that tries to talk, but can’t, but still tries anyway! Although social engineering is relatively easy to do, and can be used anywhere at any time, the very world of it is complex, there is no “one-way” to doing things. Your options are endless, so make use of it!
2. Examples of Social Engineering
Proper Engineering is Social Engineering
3. Methods of Social Engineering
Some Methods of Social Engineering:
* Phishing – is a technique often used to obtain private information. Typically, the user sends an e-mail that appears to come from a legitimate business requesting “verification” of information and warning of some consequence if it is not provided. The e-mail usually contains a link to a web page that seems legit and has a form requesting everything from a home address to an ATM card’s PIN.
* IVR or phone phishing – also known as “vishing”; this technique uses an Interactive Voice Response (IVR) system to recreate a legit sounding copy of a bank or other institution’s IVR system. The victim is prompted to call in to the “bank” via a phone number provided in order to “verify” information.
* Baiting – Baiting is like the real-world Trojan Horse that uses physical media and relies on the curiosity or greed of the victim. In this attack, the attacker leaves a malware infected floppy disc, CD ROM, or USB flash drive in a location sure to be found, gives it a legitimate looking and curiosity-piquing label, and simply waits for the victim to use the device.
* Quid pro quo – An attacker calls random numbers at a company claiming to be calling back from technical support. Eventually they will hit someone with a legitimate problem, grateful that someone is calling back to help them. The attacker will “help” solve the problem and in the process have the user type commands that give the attacker access or launch malware.
4. Advantage of Social Engineering
So to soak up what you’ve learned so far, which was, an introduction to social engineering and some examples on the very subject itself (SE). On to the very question that people want to hear and know. What can I GAIN from using social engineering? Anything! Like I said before, and not afraid to hesitate to say again, your options are endless when using social engineering! It all depends on your goal and how you approach it, is the defining factor of your outcome. Now with that said, don’t go off thinking that you can take over the World in a matter of a few days, not going to happen. But what you can do is practice using social engineering, little by little, step by step; learn how to build your ground and the environment around it. So yes, think outside the box and learn to open new doors! Keep in mind that connections and relationships is everything in being a social engineer, without it, what can you build from nothing? Nothing! That’s when social engineering comes in place, learn to make new friends, take the time to ask questions, and most importantly, learn your target! Like one once said, “My greatest enemy is also my best friend.” You can achieve anything with the right mindset!
5. Are You a Social Engineer?
So are you a social engineer? YES! You’re a social engineer even without knowing it! Believe it or not, more than 50% of people living on this Earth subconsciously don’t know what they’re capable of! That’s a scary thought, that’s a lot of potential lost! But with the right direction and approach to your goal, anything is possible! Anything. Don’t let your options deteriorate due to discouragement and with the wrong mindset. The decision is yours to let it happen or not!
6. Final Thoughts
You must feel good up to this point! I mean, not only did you catch a glimpse of the World of Social Engineering, but you can take this bit of info with you and apply it to whatever you are trying to achieve. One of the best features of social engineering is that it can’t be subjugated to one subject, so it can basically be used on virtually anything! I personally recommend using social engineering to create a positive effect, rather than a negative one. Remember, don’t get ahead of yourself and overdo it, or else you’ll end up in these happy hands:
1. Introduction to Social Engineering
2. Examples of Social Engineering
3. Methods of Social Engineering
4. Advantage of Social Engineering
5. Are You a Social Engineer?
6. Final Thoughts
1. Introduction to Social Engineering
Before I get into the World of Social Engineering, please keep in mind that this guide was made for, but not limited to, beginners. So with that in mind, let’s get this show on the road! So what exactly is social engineering? I’m sure this question has been asked a million times, you’re probably even asking yourself this now! To cut around the BS and throw away the leftovers, social engineering is the act of manipulating people into revealing information or tricking the victim to performing actions that are beneficial to the user. That’s it! To put it in simpler terms; ever trick someone into doing something dumb, or told a lie to get someone to tell you something, or even get your friend to lie for you to get “something” out of it? That’s social engineering my friends! It’s that simple, and anyone can do it, even the weird kid in your class that’s deaf that tries to talk, but can’t, but still tries anyway! Although social engineering is relatively easy to do, and can be used anywhere at any time, the very world of it is complex, there is no “one-way” to doing things. Your options are endless, so make use of it!
2. Examples of Social Engineering
Proper Engineering is Social Engineering
3. Methods of Social Engineering
Some Methods of Social Engineering:
* Phishing – is a technique often used to obtain private information. Typically, the user sends an e-mail that appears to come from a legitimate business requesting “verification” of information and warning of some consequence if it is not provided. The e-mail usually contains a link to a web page that seems legit and has a form requesting everything from a home address to an ATM card’s PIN.
* IVR or phone phishing – also known as “vishing”; this technique uses an Interactive Voice Response (IVR) system to recreate a legit sounding copy of a bank or other institution’s IVR system. The victim is prompted to call in to the “bank” via a phone number provided in order to “verify” information.
* Baiting – Baiting is like the real-world Trojan Horse that uses physical media and relies on the curiosity or greed of the victim. In this attack, the attacker leaves a malware infected floppy disc, CD ROM, or USB flash drive in a location sure to be found, gives it a legitimate looking and curiosity-piquing label, and simply waits for the victim to use the device.
* Quid pro quo – An attacker calls random numbers at a company claiming to be calling back from technical support. Eventually they will hit someone with a legitimate problem, grateful that someone is calling back to help them. The attacker will “help” solve the problem and in the process have the user type commands that give the attacker access or launch malware.
4. Advantage of Social Engineering
So to soak up what you’ve learned so far, which was, an introduction to social engineering and some examples on the very subject itself (SE). On to the very question that people want to hear and know. What can I GAIN from using social engineering? Anything! Like I said before, and not afraid to hesitate to say again, your options are endless when using social engineering! It all depends on your goal and how you approach it, is the defining factor of your outcome. Now with that said, don’t go off thinking that you can take over the World in a matter of a few days, not going to happen. But what you can do is practice using social engineering, little by little, step by step; learn how to build your ground and the environment around it. So yes, think outside the box and learn to open new doors! Keep in mind that connections and relationships is everything in being a social engineer, without it, what can you build from nothing? Nothing! That’s when social engineering comes in place, learn to make new friends, take the time to ask questions, and most importantly, learn your target! Like one once said, “My greatest enemy is also my best friend.” You can achieve anything with the right mindset!
5. Are You a Social Engineer?
So are you a social engineer? YES! You’re a social engineer even without knowing it! Believe it or not, more than 50% of people living on this Earth subconsciously don’t know what they’re capable of! That’s a scary thought, that’s a lot of potential lost! But with the right direction and approach to your goal, anything is possible! Anything. Don’t let your options deteriorate due to discouragement and with the wrong mindset. The decision is yours to let it happen or not!
6. Final Thoughts
You must feel good up to this point! I mean, not only did you catch a glimpse of the World of Social Engineering, but you can take this bit of info with you and apply it to whatever you are trying to achieve. One of the best features of social engineering is that it can’t be subjugated to one subject, so it can basically be used on virtually anything! I personally recommend using social engineering to create a positive effect, rather than a negative one. Remember, don’t get ahead of yourself and overdo it, or else you’ll end up in these happy hands: