Feb 7, 2011

Social Engineering - Art of human hacking




Social engineering is defined as the process of obtaining others passwords or personal information by the act of manipulating people rather than by breaking in or using technical cracking techniques. Here I will show you an example on how social engineering works

Now For Example I will show You something

Example 1

!!SAURAV!! (Hacker) calls(mail,chat,etc..) Ankit(victim) and pretends to be a Gmail0 employee, Here is the conversation:

!!SAURAV!!: Hi Michael I am Robert a Gmail employee

Ankit: Oh so, How are you doing?

!!SAURAV!!: I am fine. I am here to inform you that Gmail is performing a security update on all Gmail accounts and we therefore need to install those securities updates on your account.

Ankit: Yes kindly install those security updates.

!!SAURAV!!: Thanks for your interest in our security updates we will require your account
password for installing it..( You may also tell i will give u a tool install it which may be a sniffer)

Ankit(Victim) has become a victim of social engineering, he will give out his password thinking that the person whom he was conversing was a Gmail employee.


Note: The Hacker will create an account similar to

Googleupdates( at )gmail.com
Securityupdates( at )gmail.com

GmailUpdates( at ) gmail.com


Example 2

You may receive an email from microsoft,wipro saying that your computer is infected with virus and to eliminate this virus you need to install a tool. The tool will not eliminate virus from your computer but instead it will give access to your computer and all data stored on it..Or it may also steal the passwords and give it to the hacker

Remember: Never give out details, or secure information such as your passwords. Use passwords that aren’t anything to do with your age/DOB/FirstName/Surname etc. All of that can be found too easily.

 

0 comments:

Post a Comment

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More