Social Engineering

Discussion in 'General Discussions' started by Drumstick, Oct 25, 2011.

  1. Drumstick

    Drumstick Level III

    Joined:
    Jan 14, 2009
    Messages:
    457
    Likes Received:
    8
    Location:
    Ontario, Canada
    From wiki: Social engineering is the art of manipulating people into performing actions or divulging confidential information.

    Pretty much this. Most people think it's always malicious, but it doesn't have to be. For example, kids are social engineering (SEing) in order to get their parents to buy them things, doctors are SEing when a kid doesn't want to get an immunization shot, and then there are the people who SE to get passwords and whatnot.

    Example: You want to get into someone's email. Of course you can try and guess the password and stuff, but that's not very efficient. So, you go to reset their password. You enter all the stuff, then you come across a security question. If it's one like "favourite ice cream" or something, you could guess vanilla, chocolate, whatever. Food, guess pizza, hamburger, who knows. But what do you do if it's something more personal, like, name of first pet? Or favourite teacher? This requires more work than just guessing, as there's no way in hell you could just randomly guess it. So after a little SEing, you can bring up the question and they will give you the answer thinking it's just a random question. Tada! You have SE'd your first victim, and gotten into their email for w/e you want.
    This is just a basic example, but pretty much how it works. More confidential information would require a lot more prep work and research. Even perhaps a little bit of stalking, to an extent.

    Social engineering can be used to get pretty much anything. It's how con artists work. He will get into their victim's head, and figure out what they need, and give it to them in exchange for whatever he wants. Sadly, it is incredibly easy to fall victim to someone who is a master of social engineering. You won't even know what hit you until it's already over.

    What does NF.net think of social engineering? This is a topic that interests me a lot, it would be nice to get some sort of discussion about it.
     
    #1 Drumstick, Oct 25, 2011
  2. airisis

    airisis Level I

    Joined:
    Aug 3, 2008
    Messages:
    62
    Likes Received:
    2
    ive heard about this before, i like it and find it very useful/interesting, used it on omegle before to get some guys girlfriends nudes on hotmail ;)
     
    #2 airisis, Dec 9, 2011
  3. imperialdarknes

    imperialdarknes Level III

    Joined:
    Mar 3, 2012
    Messages:
    381
    Likes Received:
    1
    blackmailing is a form of social engineering
     
    #3 imperialdarknes, Apr 23, 2012
  4. waynealda

    waynealda Newbie

    Joined:
    Apr 20, 2012
    Messages:
    10
    Likes Received:
    0
    Too great and really very best and awesome sharing it is
    i enjoy this great work done too much
     
    #4 waynealda, Apr 25, 2012
  5. white_stallion

    white_stallion Level I

    Joined:
    Jul 6, 2012
    Messages:
    40
    Likes Received:
    0
    That sounds malicious for sure!
     
    #5 white_stallion, Jul 6, 2012