is the attempt to gain access to ... data (such ...
... and credit card numbers) by gaining trust.
This methodof gaining access to a system is very popular among Social Engineering is the attempt to gain access to sensitive data (such aspassword, usernames and credit card numbers) by gaining trust. This methodof gaining access to a system is very popular among hackers.
It is oftensurprisingly easy and even more often successful. THIS IS PROBABLY THE MOSTSUCCESSFUL AND MOST USED METHOD OF GAINING ENTRY TO ACCOUNTS!Here's how it works.
You might receive a phone call from a representative ofyour computer company claiming there is a problem which requires immediateattention. He may offer to come right over and fix it (or, in a variation,he might send you a disk in the mail).
Of course, while he is there, hereboots your system with a "diagnostic" floppy inserted into the drive. Whenthe "tests" are done you will be relieved to find out from him that nothingis wrong with your system.
Naturally, you were just infected with a Trojanhouse which gives this stranger complete access to your system and all ofyour data files.A more common social engineering scheme (especially on America Online) is tosend out an email which says there is a problem with your account. Would youplease send your username and password by return email so it can be fixed?Or perhaps you are asked to visit a web site, which naturally requires youto log in with your username and password.
You might be asked to call aphone number, where the very official sounding person on the other end willjust want to verify that your account is yours by getting your credit carddata.An example of a standard social engineering attack is shown below. From: [email protected] To: [email protected] Subject: Account Compromised We have detected a major security breach to several accounts on our network.
While we do not believe that your account was among those compromised by hackers, we recommend that you check your account data immediately. To verify your account, just visit the following URL: http://www.yourISP.Com/security/view.htm Login to your account and check your data.
Make special note of the last login data and time. If anything appears to be incorrect, please send an email to security using the link at the bottom of the page.
Thanks for your immediate attention. YourISP securityWhen you visit the site it shows a username and password prompt.
You enteryour username and password, which sends you to an "incorrect password - tryagain" screen. You hit the "continue" button, which places you on the REALISP site.
Now when you enter your username and password, you are, of course,logged in. You are greatly relieved to find that your account data has notbeen changed and think nothing else of the issue.
Of course, you just gaveyour username and password to a hacker!And that's all that social engineering is about - gaining your trust,getting your vital data, and abusing that data.How do you protect against this? Be aware that it exists and don't respondto these kind of things. If someone asks you for your password, then tellthem to buzz off.
Nobody needs to know your password for any reason. Let merepeat: DO NOT GIVE OUT YOUR PASSWORD TO ANYONE FOR ANY REASON.
THERE IS NOTA VALID REASON FOR ANYONE TO NEED IT. If the person who asked really workswhere he says he works, then believe he, he can ALREADY get to your account.Why on earth would he be asking you for your username and password?If you think the email or whatever might be accurate, then call the ISP ornavigate to their site yourself (don't use anything from the email or letterthat your received - use the menu's and screens provided by the ISP).
Forexample, say you get a letter from your ISP saying to change your passwordimmediately. It has a phone number and URL.
Throw the letter away withoutreading either. Now, find your ISP phone number and URL yourself - perhapsin your browser help menu or in the manual or letter that arrived when yousigned on.
This bypasses anything that might be wrong in the letter or emailthat you received.If you do suspect that you've received a social engineering attack, be surethat you notify your ISP, MIS department or whoever needs to know. The onlyway this kind of criminal can be caught is if the crime is reported quicklyand accurately.
Article Tags: Social Engineering Source: Free Articles from ArticlesFactory.com .
Top blog stories
For our people.
We make your life easier
We make your life easier Since 1992, we’ve been helping customers get the best deal on their dream phone. We firmly believe in giving you the highest quality, for the lowest price. That’s why we work with three of the UK’s leading networks to do all the haggling for you,...see post
Halfords - Quicker, Easier, and Convenient.
At Halfords, we're all about the journey. With more than 700 stores with over 10,000 colleagues, we're the UK's leading retailer of automotive and cycling products. We are also the leading operator in MOT, tyres, car servicing and car repairs - pleasing more than 750,000 customers every year.see post
Sky - Epic. Endless. Entertainment.
It's important to us that everyone gets great customer service and can enjoy our products, no matter their level of sight. So, if you're blind, partially sighted or struggle to see or read the screen, we’ve a range of features to help you get the most from our products and...see post
Nasty Gal - We exist for the “girl in progress”.
Look iconic, without the hassle— using Nasty Gal discount codes, you can shop your favorite pieces for way less by simply entering one of our promotional codes (of your choice) at the checkout. From delivery offers, to promo deals, we keep ‘em coming, so you always have the offer you...see post
Digital Publishing From Past to Now
The Covid-19 has caused the school and universities to shut down around the world creating a major issue in Learning and Education. As this virus spreads through the interaction and if social distanci... The Covid-19 has caused the school and universities to shut down around the world creating a major...see post
Why its Important to Manage Your Holiday Calendars?
A printable calendar 2021 is a prominent online platform where you download printable calendars of your choice. These calendars can be customized as per our client requirement with photo, text, logo, or any other image. If you are thinking of planning a dream vacation tour with family and kids but...see post
Cardboard Boxes the Ultimate Need of Every Business
Tacoma-A premium adventure platform for the family
Austin Haidinyak is an industrial designer in the outdoor and travel industries. Along with his wife, a 3-year old son, and a Shiba Inu named Maggie, he loves to get outdoors and travel as often as possible. Off-road and overland travel by vehicle not only allows Haidinyak to get out...see post
Why Your Company Should Have Custom Cosmetic Boxes for Cosmetic Products
Custom printed boxes instantly put your business brand in front of your buyer and put your business in their mind. Rather than packaging your items in a traditional shipping box, have your packaging box stand out and have a professional outlook by printing your logo, business name, tagline, website, or...see post
We make your life easier
FOUR BRANDS BECOME ONE. CURRYS.
Currys PLC is a leading omnichannel retailer of technology products and services, operating through 800+ stores and 16 websites in seven countries.