Social Engineering: Definition, Types, and How to Prevent It

Social Engineering

What is Social Engineering?

Social engineering is the art or method of obtaining someone's sensitive and personal details, such as passwords, email IDs, and bank account details. It is directly related to phishing and to hacking through clickbait. It targets the victim's human behavior, and the only aim of the attack is to gain information.

 

Suppose a hacker has some email addresses. He then sends pleasing messages and emails like this:

 

“Hello Mr. XYZ, We are happy to inform you that you have won $2000; you are only one step away from claiming this prize. If you want the prize you have to register your email id with us and claim your reward”.

 

That email will look like it was sent from an organization or a company, and it contains a malicious link. When you click on that link, a page opens that may look like a Facebook page but is fake. After you submit your details, your details are out! This is known as a "spoofing attack".

 

Ordinary people will do what they are told. If the victim's computer is not protected by a firewall, it becomes very easy for the attacker, who can secretly install malicious apps that steal your confidential details. This is known as social engineering.

 

In our previous article, we discussed How to prevent from email phishing scam and What happen if you click on phishing links. Check it out if you are interested.  

 

If you are good at social engineering, congrats! You are already half a hacker.

 

Types of Social Engineering Attacks

Popular types of social engineering attacks include:

 

Baiting

Baiting attacks use false promises to pique the greed or curiosity of the victim. They lure users into a trap that steals their personal and sensitive information or infects their systems with malware. The most reprehensible form of baiting uses physical media to spread malware.

 

Baiting is like the Trojan Horse of the real world: it uses physical media and depends on the curiosity or greed of the victim. It is similar to phishing attacks in many ways.

 

Phishing

Phishing attacks are often used to steal victims' data, including personal and sensitive information such as credit and bank account details, passwords, email IDs, and more. This is done through email, instant message, and text message.

 

In our previous article, we discussed phishing in detail. Check out our Phishing and Hacking series if you're interested.

 

Spear phishing

Spear phishing is a type of phishing attack. Unlike ordinary phishing, it is targeted and personalized to a specific individual, group, or organization.

 

Pretexting

In this attack, an attacker tries to persuade the victim to give up valuable information or access to a service or system.

 

Scareware

Scareware is a kind of malicious program that first scares you about some shitty problem or virus on your computer and then lures you into buying a fake antivirus program.

 

How to prevent social engineering?

1. Slow down- Think before you make any decision, and do not trust a link too quickly.

2. Research the facts- Ask your friend about it. Do your own research.

3. Delete any request for financial support- Delete emails that ask for financial support and personal details; they may be a scam.

4. Secure your devices- Install antivirus and enable firewall protection on your device.

5. Email Security- Set email security at a high level.
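
The "slow down" and "research the facts" checks can be partly automated for the prize email quoted earlier. The following is an added example, not code from this article: it flags the lure wording and any link that names Facebook but points to a different domain. The phrase list, the brand allow-list, and all function names are assumptions made for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed lure phrases, modelled on the prize email quoted in this article.
LURES = [r"you have won", r"claim your (prize|reward)", r"register your email"]
# Assumed allow-list: the only registered domains each brand really uses.
BRAND_DOMAINS = {"facebook": {"facebook.com"}}

class LinkCollector(HTMLParser):  # gathers (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registered_domain(host):
    # Naive last-two-labels rule; production code should use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def triage(raw_email):
    """Return the reasons a single-part HTML message looks like a lure."""
    body = message_from_string(raw_email).get_payload()
    reasons = [f"lure phrase: {p}" for p in LURES if re.search(p, body, re.I)]
    parser = LinkCollector()
    parser.feed(body)
    for href, text in parser.links:
        host = urlsplit(href).hostname or ""
        for brand, domains in BRAND_DOMAINS.items():
            named = brand in text.lower() or brand in host.lower()
            if named and registered_domain(host) not in domains:
                reasons.append(f"{brand} link points to {host}")
    return reasons

# Constructed sample (example.test is a reserved, non-routable name).
SAMPLE = ("From: Rewards <rewards@prizes.example.test>\nSubject: You have won $2000\n\n"
          "<p>Hello Mr. XYZ, you have won $2000. Register your email id with us and "
          '<a href="http://facebook.com.login.example.test/claim">log in with Facebook</a> '
          "to claim your reward.</p>\n")
if __name__ == "__main__":
    print("\n".join(triage(SAMPLE)))
```

An empty result does not mean a message is safe; the check only covers the wording and the brand listed in the two tables at the top.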
