Tuesday, September 7, 2010

What is Social Enginering in the field of Hacking?

Social engineering is defined as the process of obtaining others passwords or personal information by the act of manipulating people rather than by breaking in or using technical cracking techniques. Here I will show you an example on how social engineering works
Example 1

Robert (Hacker) calls Michael and pretends to be a Google employee, Here is the
conversation:

Robert: Hi Michael I am Robert a Google employee

Michael: OH How are you doing?

Robert: Me fine. I am here to inform you that Google is performing a security update on all Google accounts and we therefore need to install those securities updates on
your account.

Michael: Yes kindly install those security updates.

Robert: Thanks for your interest in our security updates we will require your account
password for installing it.

Michael (Victim) has become a victim of social engineering, he will give out his password thinking that the person whom he was chatting was a Google employee.

Note: The Hacker will create an account similar to

Googleupdates(at)gmail.com
Securityupdates(at)gmail.com

Example 2

You may receive an email from saying that your computer is infected with virus and to eliminate this virus you need to install a tool. The tool will not eliminate virus from your computer but instead it will give access to your computer and all data stored on
it.

Remember: Never give out details, or secure information such as your passwords. Use passwords that aren’t anything to do with your age/DOB/FirstName/Surname etc. All of that can be found too easily.

This article was a part of my book A Beginners Guide To Ethical Hacking, if you are a beginner and want to Learn Ethical hacking I suggest you to purchase a copy of my book

No comments:

Post a Comment