The Claws of Social Engineering
Many terms have been cropping up these days and one is social engineering.
It's not technically new as it has been used very often in the past.
What makes it new, though, is the fact that people's awareness level has considerably increased and though one may or may not end up a victim, additional knowledge is always of value.
Generally, the term points to obtaining information about a person without using any technical means.
The social engineer relies on other people who may have close associations with the victim and takes advantage of their trust.
Someone who wants information about a certain person will usually try to casually ask a friend of that person while the three of them work out out at a gym, for example, or hang out in some club.
While the act alone is not considered social engineering, having disguised intentions is.
There are many ways that social engineering can happen.
For example, at the workplace, anyone could be watching you as you enter your password into that computer on your desk.
This is called shoulder surfing and though it may sound too simple, it is not to taken lightly.
Remember that when somebody unauthorized actually has access to your files, anything can happen.
You can have a disgruntled co-employee looking for company information he can use to attack the management or he could be looking for something he could use against you to beat you to that promotion.
Whatever the motivation of the social engineer, it is always best not to give him the slightest chance to pursue his intentions.
Some social engineers can get so desperate as to go through their target's trash and look for information they need from junked documents, receipts and other printed materials.
Usually, the dumpster diver is interested in a person's credit card or banking information and will use it for his personal gain.
Definitely, this is something serious and if you don't want to be a victim, be careful even with things you think aren't anymore important because they could be of value to someone else.
Intercepting your mail can also be a way to obtain information about you.
From your bank statements to friendly letters from an overseas friend, anything could, in fact, be known about you.
Sometimes, people actually pretend to be a close associate of the target or even act like the target himself while looking for confidential information.
Social engineers can be very creative and there's often no way of telling exactly what technique they'll be using until the time one realizes that they have, indeed, been victimized.
Prevention is, thus, very important not just with social engineering but with every other potential threat that we may face in every aspect of our lives.
As Internet users, we can protect ourselves from online crimes by hiding our online identity with the use of an IP hiding software.
It's not technically new as it has been used very often in the past.
What makes it new, though, is the fact that people's awareness level has considerably increased and though one may or may not end up a victim, additional knowledge is always of value.
Generally, the term points to obtaining information about a person without using any technical means.
The social engineer relies on other people who may have close associations with the victim and takes advantage of their trust.
Someone who wants information about a certain person will usually try to casually ask a friend of that person while the three of them work out out at a gym, for example, or hang out in some club.
While the act alone is not considered social engineering, having disguised intentions is.
There are many ways that social engineering can happen.
For example, at the workplace, anyone could be watching you as you enter your password into that computer on your desk.
This is called shoulder surfing and though it may sound too simple, it is not to taken lightly.
Remember that when somebody unauthorized actually has access to your files, anything can happen.
You can have a disgruntled co-employee looking for company information he can use to attack the management or he could be looking for something he could use against you to beat you to that promotion.
Whatever the motivation of the social engineer, it is always best not to give him the slightest chance to pursue his intentions.
Some social engineers can get so desperate as to go through their target's trash and look for information they need from junked documents, receipts and other printed materials.
Usually, the dumpster diver is interested in a person's credit card or banking information and will use it for his personal gain.
Definitely, this is something serious and if you don't want to be a victim, be careful even with things you think aren't anymore important because they could be of value to someone else.
Intercepting your mail can also be a way to obtain information about you.
From your bank statements to friendly letters from an overseas friend, anything could, in fact, be known about you.
Sometimes, people actually pretend to be a close associate of the target or even act like the target himself while looking for confidential information.
Social engineers can be very creative and there's often no way of telling exactly what technique they'll be using until the time one realizes that they have, indeed, been victimized.
Prevention is, thus, very important not just with social engineering but with every other potential threat that we may face in every aspect of our lives.
As Internet users, we can protect ourselves from online crimes by hiding our online identity with the use of an IP hiding software.
Source...