TechNewsPro_Masthead_2.jpg

The latest in NEWS, RESOURCES and JOBS

Lower the TCO of your legacy data wareho
Talend_Banner_728x90px_v1.jpg
  • Sahriar Shuvo - Tech Journalist

Social Engineering in Cybersecurity: The Evolution of a Concept

In cyberspace, social engineering is called hacking the human OS. Here at Tech News Pro, we always want our readers to stay UpToDate with the most recent measurement for maximum security, pick up a few new things here and there. Social engineering is harvesting people’s private information in unpredictable to use them in many unethical ways. This information can be ATM pins, mobile or computer passwords, company sales data, a simple thing like a birthdate, and so on.



A simple concept to lure victims

Suppose you’re in line for the copier machine and a lady came in. She told everyone that she has only 5 pages to copy and was in hurry. Now, most of the time people are nice and would let her copy first. Also because she asked nicely. But someone with 2 pages to copy was in line. She used the word “because” and it clicked their brain as if it was an actual emergency. Social engineering works in a similarly convincing way.

There are four major methods for social engineering. They are:

  • Blagging or pretexting

  • Phishing

  • Pharming

  • Shouldering or shoulder surfing.

Let’s go through them one by one and learn their fundamentals.


Blagging

A blagging scenario is created when the victim is being convinced to give out sensitive information like birthdate, pet's name, and answer to questions that may gradually buildup into enough information to crack a personal account. It may be a social media account or banking. Most of the time, the scammer takes up a false identity and calls the victim. Pretending to be of someone with authority, giving false hope of providing help. People falling for this trap are not informative on how these tactics work or up-to-date with privacy measurements.


Phishing

The word phishing sounds just like fishing and the format is quite similar. The purpose of this attack is to lure victims to click on suspicious links. On the other side, the hacker has total control over the input that the victim types out with the keyboard. Whenever the victim clicks on the suspicious link and types in their password or other sensitive information, they get hacked. Sometimes hacker takes control of victims device and causes unpredictable crimes. It has the potential for the victim to lose everything. A trusted company will never send out links that look suspicious. It will be professional and domains will have Googe or other top certified vendor's approval. If it is a link that looks suspicious simply avoiding it or opening it on a different browser incognito mode. And don’t put out your password on any other sites, rather just search for it and use that. Simple precautions are necessary to stay safe.


Pharming

Pharming is the combined result of phishing and farming. Here the attacker sends a mass email to users around the web, in the hope some may fall victim. On the other hand, the pharming method is very advanced. Duplicates sites are controlled and hosted by attackers. It is a mirror lookalike. It can be of a bank, or hospital, or office page. The victim tries to use the website and puts in credentials. Hackers take them and utilise them in different manners. Cracked SSN, credit card numbers are sold on the dark web every day. In 2016, Russian hackers managed to get hold of top democrats’ email addresses, according to The Guardian.

To stay safe from pharming attacks, always check the website link before using it. It can track IP, clicks, and what a victim is seeing on their screen in real-time. Secure sites don’t track this kind of data. Clicking on the lock icon beside the URL’s reveal what the site is using and certificates attached to it. Unsecure or false sites don’t have those as every address is unique.


Shouldering

Shouldering or shoulder surfing is the method of peeking or gazing at a target to steal their credentials. On the bus, plane, and even on the ATM line, someone can get shoulder surfed. The attacker could be someone sitting next to a victim who’s going to enter a security pin or password. Some shouldering methods are so advanced that attackers read shoulder and arm movements to guess the victim's password. We suggest not to pull out the company sales chart next time you’re in public even in a park. Someone like a competitor may be trying to pull the data causing the victim or company a disadvantage.


Social engineering is been with us for a very long time. It is still pretty unpredictable. Stay safe the next time you’re in public. Use protective screen on devices. Covid has put us in a position of social distancing, utilise it properly to stay safe from social engineering.

Element_300x600_June_2.jpg

LATEST RESOURCES

 

 

Parting the clouds. 

for greater security

Covid-19 has landed CSOs a unique opportunity to embrace web isolation.

Eliminate malware threats with zero trust 

Isolation-powered security provides full protection against email and Web based threats.

7 Customer Service Mistakes Companies Should Avoid Making

2020 was a tumultuous year but it did bring customer service back to the forefront of the business planning agenda for 2021. As you plan and prioritise your initiatives, it is important to avoid mistakes.

Integrating Compliance into Innovation: Taking Control Over Customer Communications

Compliance is one of those areas that is better off unnoticed. When compliance does get attention, it is usually because something has gone wrong and that is something that keeps executives up at night. It is easy to see why. 

Artificial Intelligence Based COVID Signature

Detection Software

The software takes the X-Rays and CT scans in digital format and analyses the X-Ray reports through uploading the images which is followed by detailed report about the patient suffering from COVID19 or similar ailments.

Six Steps to Drive Your

Process Center of Excellence to Success

Find out why yo need a center of excellence - and how save you time and money while improving experiences for both your customers and employees. 

Steps to Deliver Data You Can trust at the Speed of Business

Why trusted data is the key to digital transformation. Discover and cleanse your data. 

Organise data you can trust and empower people

Automate your data pipelines and enable data access.

2021 Threat Report 

Four Key Trends in the Cyber-Threat Landscape.

The security implications of remote working, SaaS takeover, rise of fearware, server side attacks, ransomware and Darktrace immune system.

Safe, inclusive communications for the University of Innsbruck

The open matrix is the foundation for secure, collaborative academic research and learning. Keen to support its learning culture, the university wanted to introduce a real time messaging system. 

Darktrace_Logo_Main.png
Element_Logo.jpg
eGain_logo.jpg
talend_Logo.png
MenloSecurity_Signature_Purple_RGB.jpg
MenloSecurity_Signature_Purple_RGB.jpg
nintex_logo.png
GMC_Software_Logo.jpg

    SUBSCRIBE

to our latest RESOURCES

to keep up to date with the

latest whitepapers

WP_GMC_Cover.jpg
WP_bold360_Cover.jpg