Page 71 - index
P. 71







The cinch of Hacking: Social Engineering

By Hitansh Kataria, Co-Founder & CEO, H2K Cyber Experts and CreativeTabs



Cybercrime, just like all other crimes, appears in variety of forms, as Cross Site Scripting,
Cookie Stealing, Session Hijacking and many more... but Social Engineering being the most
facile and prominent way of Hacking every time. Right from 1980’s till today Social Engineering
attacks are most frequent and worth working just because there is no patch for Human
Stupidity.

According to the key terminology, Social Engineering in context of information security, is a
technique to manipulate people into blabbing their confidential data to the hacker. A hacker
gains trust of the victim and grab all the confidential information viz. Bank Account information,
Credit Card info etc. Actually Internet is just like a fertile ground for social engineers looking to
harvest passwords. It is a perfect blend of Science, Psychology and Art. Hackers usually adapt
this method to get into someone’s network as it is easier to exploit the natural inclination to trust.
Apart from all other cyber attacks, the success rate of Social Engineering is the highest one and
is also been listed as one of the most crucial and perilous attack, just because many security
professionals assert that the weakest link in the security chain is human itself.

In confer to a survey transpired in 2003, 90% of the employees of an IT company gave their
secret passwords in lure of cheap pens or chocolates. Often bank accounts, social network’s
accounts are been compromised by Social Engineering only. As Cyber Security landscape is
evolving constantly, therefore social engineering techniques provide ample opportunities to the
hackers to steal information. As the increasing number of internet users and notably social
networking users viz. Facebook, Twitter, LinkedIn etc, social engineering is sure to become
more favoured attack among the hackers. Due to this obvious reason, internet frauds are the
daily’s news.

In realm, hackers use various techniques to deploy their social engineering attack on to a victim,
and victims also get into the bait and usually reveal their confidential data to the attacker.
These following methods are broadly used for attempting this attack:



1. Phishing Attack

This approach of attacking is generally used for getting passwords of online banking and social
networking sites. Commonly, attacker sends a fake mail to the victim and asks for verification
providing with a so-called authentic web link (URL) making it so authentic that victim believes
that it is actually from the real source and the link redirects victim to a web page which is
actually has been developed as replicate of the real website. As victim login into it, hacker got
the password and username without even known to the victim that he/she has been hacked.



71 Cyber Warnings E-Magazine – July 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide

   66   67   68   69   70   71   72   73   74   75   76