What Is Social Engineering?

What is Social Engineering?

Social Engineering is the term used to describe a collection of cyber fraud techniques employed to trick companies and individuals into handing over personal data, money and other assets. It manipulates, disrupts and deceives to gain illegal control over IT systems, personal computers, phones and tablets.

A social engineering campaign might identify one particularly valuable target, such as a large corporation, a multi-millionaire, celebrity and even you. The campaign will gather as much specific information as possible about the target using data sources such as Companies House registrars, trade associations, sports and social clubs, schools, universities, social security numbers and social media.

Why should we worry?

The very targeted nature of social engineering means that the fraud it likely to be greater and more damaging. With so much data available online today, particularly personal data on social media, it is relatively easy to build a well targeted and convincing campaign to fool even the most vigilant person.

Phishing

This renown cyber-crime, where criminals seek to steal IT and computer user-names, passwords, credit card details, usually via a phishing email appearing to come from a known and trusted provider, work colleague or personal friend.

Delivery or Diversion Theft

Postal and courier sectors where cyber criminals target a delivery company to trick them into making the delivery somewhere else. This fraud went on during Covid 19 lock-down where so-called legitimate postal suppliers claim to have unpaid parcels for which they give a malicious re-direct link.

Water-Holing

Takes advantage of Websites people regularly visit and trust and then looks for vulnerabilities on them sites to plant exploit and other nasty code. It is then a matter of time before one or more of the target users becomes infected with malicious code.

Quid Pro Quo

Emails offering a free shopping voucher, BITCOIN sign-up screen and similar to encourage the user to click to accept or enter, where upon they download exploit code infecting the PC.

Honeytrap

This is usually aimed at men where attractive women are promoted via an online dating site or similar to trick them into clicking a malicious Web link.

Rogue Virus Scans – Scareware

Fake or Rogue anti-virus, anti-spam and anti-spyware designed to trick the target into downloading or running a fake scan which infects the PC malware.

See the Action Fraud and YouTube Video

 https://www.youtube.com/watch?v=yrjT8m0hcKU&t=4s

or

Brussels Random people chosen to have their mind read

https://www.youtube.com/watch?v=F7pYHN9iC9I

 

No Comments

Post A Comment
X