Social engineering is a technique to get secret information such as a password regarding security by narrative, eavesdropping, and fraud.
It is also called “social hacking” or “social cracking”.
・ Take a peek at password behind a person, who are inputting it
・ Gather personal information from offices’ trash, which is a helpful lead to find out password
・ Pretend to be a customer and ask managerial staff to change password on the phone in order to know the new password
・ Manager does not identify customers enough.
・ Supervision of personal information is not completed.
・ According to Wikipedia; The free encyclopedia, In 2003, 90% of office workers wrote down their password on a survey question outside the office in order to get a pen.
・ Attackers telephoned to customers at a company, which provide technical support. Then when a customer called back to ask technical support, attackers helped them but made the customer access launch malware secretly.
Work Cited
"Social engineering (security)." Wikipedia, The Free Encyclopedia. 5 Feb 2007, 14:10UTC.Wikimedia Foundation, Inc. 10 Feb 2007 <http://en.wikipedia.org/w/index.php?title=Social_engineering_%28security%29&oldid=105796220>.
“Social engineering.” e-words. 21 Feb. 2001 Incept Inc. 10 Feb. 2007
No comments:
Post a Comment