What is Social Engineering cyber attack and how to prevent it? Read full story
HIGHLIGHTS: Cyber criminals often use such techniques to acquire confidential information from a person to make some online frauds, lost of money or other things. For prevention, we should know about these techniques and safeguard ourselves.
Social Engineering is an art of manipulating a person to grab some confidential information. It is also known as Phishing Attacks. The information may vary depending upon their targets. These criminals usually try to trick people to give them their passwords or bank information or access to your device to secretly install some kind of malicious applications to get access to your confidential information stored on that device as well as giving them control over your computer.
These techniques are mostly used by attackers because it is easier to exploit your natural inclination to trust. For example, it is easier to make you fool to get your password than trying to hack it with different other techniques.
How these attacks are performed?
E-Mail from a Friend
A cyber criminal can manage to hack or socially engineer one person's email account, and once they get access to it, they can copy its entire contact list and also most of the people use the same passwords for their other Social Networking account, hence they also get compromised.
Now, these criminals start to send emails or texts to the contacts stored on that email account by pretending themselves as your friends.Since, these emails or requests come from your friend's email account, you blindly trust on it and attackers take advantage of your trust and curiosity. Here are some scenarios:
- Contain a Download/Link: In such case, attackers send an email to download some pictures, videos, music, movie, documents etc, that contains malicious applications embedded. Once you click and download these files, your device/computer get infected and attackers get control over your device.
- Demand Financial help: There are various cases where attackers demand financial help for some urgent reasons like Medical Expenses, Payment of Loans etc by pretending your friends. They asks for money to be transferred into a specific bank account or wallet. When you try to ask them their problems, they deny it and insist you to transfer money immediately.
Contacts from other Trusted Source
Social Engineering is known as Phishing Attacks. It is considered as a subset of Social Engineering where attackers use the names of some reputed and trusted organisations like Charitable Trusts, Banks or Financial Institutions, Fund Raisers etc.Here are some techniques:
- Use Phishing attempts with a legitimate-seeming background: An attacker sends an email, text message or post a comment that appear to come from a popular, reputed or trusted company, person, bank or other institution.
- Fake Telephone Calls: Today, frauds through fake calls are rapidly increasing. An attacker calls you pretending to be from Bank or Credit Card company and ask you to verify your bank or card details in order to update KYC or to increase credit limit. They grab this information either through telephone or through a link to your mobile number or email.
- Asks for Donation: Such attackers ask you to donate for different causes of aid or support for whatever disaster, political campaign or charity.
- Notify you about Winning a lottery: We often receive such text messages or emails saying that we are a winner in a lottery. To disburse the amount, they insists you to provide your bank information
Now, in this section, you know about Social Engineering and ways the attackers approach us. In the next section of this article we will know about various tips and ways to protect ourselves.
Source: Web
No comments: