In the context of security, is understood to mean the art
of manipulating
people into performing actions or divulging confidential information.[1] While it is similar to a confidence
trick or simple fraud,
it is typically trickery or deception for the purpose of information gathering,
fraud, or computer system access; in most cases the attacker never
comes face-to-face with the victims.
"Social engineering" as an act of psychological
manipulation had previously been associated with the social sciences, but its
usage has caught on among computer professionals.[2]
Social engineering, in the context of
security, is understood to mean the art of manipulating
people into performing actions or divulging confidential information.[1] While it is similar to a confidence trick or simple fraud,
it is typically trickery or deception for the purpose of information gathering,
fraud, or computer system access; in most cases the attacker never
comes face-to-face with the victims.
"Social
engineering" as an act of psychological manipulation had previously been
associated with the social sciences, but its usage has caught on among computer
professionals.[2]
What is social engineering?
You've
got all the bells and whistles when it comes to network firewalls and your
building's security has a state-of-the-art access system. You've invested in
the technology. But a social engineering attack could bypass all those
defenses.
Say
two fire inspectors show up at your office, show their badges and ask for a
walkthrough—you're legally required to give them access to do their job. They
ask a lot of questions, they take electrical readings at various wall outlets,
they examine wiring under desks. Thorough, aren't they? Problem is, in this
case they're really security consultants doing a social engineering
'penetration test' and grabbing access cards, installing keystroke loggers, and
generally getting away with as much of your business's private information as
they can get their hands on.
Social
engineers, or criminals who take advantage of human behavior to pull of a scam,
aren't worried about a badge system. They will just walk right in and
confidently ask someone to help them get inside. And that firewall? It won't
mean much if your users are tricked into clicking on a malicious link they
think came from a Face book friend. In this article, we outline the common
tactics social engineers often use, and give you tips on how to ensure your
staff is on guard.
Social
engineering is essentially the art of gaining access to buildings, systems or
data by exploiting human psychology, rather than by breaking in or using
technical hacking techniques. For example, instead of trying to find a software
vulnerability, a social engineer might call an employee and pose as an IT
support person, trying to trick the employee
into divulging his password.
I hope this has been very informative, to order for the full material, call or text 07034538881 or Email :obejieric@gmail.com
No comments:
Post a Comment