# Social engineering overview

Version: 1.0.2

The art of convincing people to reveal confidential information. It exploits people's:

- unawareness of the importance of data or of social engineering attacks
- carelessness about protecting data
- trust
- fear of the consequences of not providing the information
- greed for a promised gain in return for the requested information
- sense of moral obligation

It is a type of footprinting.

## Well-known social engineering examples

- RSA attack: $66 million loss based on an e-mail with an attachment exploiting a zero-day Flash vulnerability through an Excel macro.
- Ubiquiti Networks scam: $47 million stolen by impersonating executives with requests to the company's finance department.
- US Department of Justice attack: one employee's e-mail was hacked, then the hacker pretended to be a new employee and asked for all access codes; it ended in a leak of 30,000 FBI and DHS employees' data.
- Yahoo customer account attack: 3 billion users' data was stolen and used for social engineering (e.g. to learn whether two people are connected).

## Steps of social engineering

1. Research: gather enough information about the target company. Collected by e.g. dumpster diving, scanning, a company tour, searching the internet...
2. Select target: choose a target employee.
   - Some employees are more vulnerable than others.
   - Easy targets, also known as "Rebecca" and "Jessica", are people who are easy targets for social engineering, such as the receptionist of a company.
   - E.g. receptionists, help-desk personnel, tech support, system administrators, clients.
   - A frustrated target is more willing to reveal information.
3. Relationship: earn the target employee's trust, e.g. by creating a relationship.
4. Exploit: extract information from the target employee.

## Identity theft

Stealing someone else's personally identifiable information to pose as that person, e.g. name, credit card number, social security or driver's license numbers. Can be used to impersonate employees of a target.

### Steps of stealing an identity

1. Gather the target's information, through e.g. bills, social networks, dumpster diving. The information usually includes first and last name, date of birth, address, social security number, bank accounts, ID card and passport numbers.
2. Fake identity proof: get fake IDs. Can be a driving licence, ID card, etc. E.g. using stolen bills, one can claim the person lost their driving license and get a new one sent to an address of one's choosing.
3. Fraud: spend money, gain unauthorized access, use the ID for fraud, etc. Can open new credit card accounts in the victim's name. Can sell identity information.

### Identity theft countermeasures

- Check credit card reports periodically.
- Safeguard personal information at home and in the workplace.
- Verify the legality of sources.

## Impersonation on social network sites

Information is used for spear phishing, impersonation, and identity theft.

- Can e.g. create a fake user group "Employees of the company" on Facebook, invite people to the group and collect details such as birth date and employment/education backgrounds.
- Can scan profile pages on LinkedIn and Twitter.

Steps:

1. Gather personal information from the Internet, including social network sites, e.g. full name, date of birth, email address, residential address.
2. Create an account that is exactly the same.
3. Carry out social engineering attacks with the account, e.g.:
   - Introduce it to the target's friends in a convincing way so that they reveal information.
   - Join the target organization's employee groups where they share personal and company information.

### Corporate threats from social network sites

- A social network has vulnerable authentication, as it is not isolated like a corporate network.
- An employee communicating on a social network may not take care of sensitive information.

## Physical security

- Physical measures: e.g. air quality, power concerns, humidity-control systems.
- Technical measures: e.g. smart cards and biometrics.
- Operational measures: e.g. policies and procedures to enforce security-minded operation.

### Access control

Biometrics: something you are.

| Term | Meaning |
|---|---|
| False rejection rate (FRR) | When a biometric system rejects a valid user |
| False acceptance rate (FAR) | When a biometric system accepts an invalid user |
| Crossover error rate (CER) | The point where the FRR and FAR cross over (are equal); determines how good a system is |

### Environmental disasters

E.g. hurricanes, tornadoes, floods.

## See also

- Physical security
- Information security controls

- Open-source tool for Linux and macOS
- Available in Kali Linux
- Templates and cloning for credential harvesting
- Functions such as website attack vectors, mass mailer attack, SMS spoofing, QR code generator, WAP attack...