Ever wondered how people got trapped in frauds like paid on some fake website which looks almost similar to the original one or clicking on some link that takes away all your money from bank. Well, this is not at all any magic that they perform but a well planned attack which in technical terms is called as social engineering attack.This website is gonna help you to get aware of most of these attacks so that you can't be the next victim of hackers.
What is Social Engineering?
You can find best answers on google for this in techinal terms,
however, the simplest answer can be like it is a kind of human mind or
physicology hacking. We have already seen this as an art where artist
guesses number or name in your mind but getting your sensitive
data(like password,bank details etc) out of your mind for illegal
purpose makes it a crime thats what these hackers do. Even the
greatest hacker of all time Kevin D. Mitnick has said there's nothing
that can't be hacked with social engineering.
So basically what social engineer is doing is winning your trust here and letting you do what he wants. And here you got hacked.
Let's understand with some example:
Suppose you are an employee of a company and you need to show you identity card and also you need to pass door with biometric lock.Now how hacker will get into company? Here he can use you.Yes you. He will make a fake identity card which looks similar to yours(by information gathering technique).Then he will carry bags in both of his hands to seem like a helpless person.Then you will see that he is wearing identity card and think he must be an employee of your company, and its human nature to help a helpless person thus you will open door for him and he is in.
On the phone, social engineer might call and pretend to be a fellow employee or a trusted outside authority (such as law enforcement or an auditor).
Online, Social networking sites have made social engineering attacks easier to conduct. Today's attackers can go to sites like LinkedIn and find all of the users that work at a company and gather plenty of detailed information that can be used to further for an attack.