Good evening people. Weird guy is back, how are you all guys. Here's some information about Social Engineering.
Social engineering has always been a dangerous threat to organizations of all types. One of the common reasons for someone to use social engineering is to try and obtain sensitive organizational information or access to a system or facility that normally would not be available to an outsider. Social engineers achieve their goals by identifying targets within an organization to exploit. These targets are either people in certain roles, such as help desk human resources, such as side entrances and garage access points. What the social engineer wants is either informational based or action/result based, and social engineering is either part of the intelligence-gathering process or the exploit and penetration process.
Although we call it social engineering, there is actually a social side and a technique side to the process:Social methods include phone calls, email, and face-to-face contact. Technical methods include posting a fake login page or impersonating a web site.
Social engineers usually want to get information on people, get user account passwords or get them reset, have employee or vendor lists sent to them, get access to remote dial-up connections or VPNs, get information on secret workings or schedules, get into facility entrances, and get people to load Trojans. Although it is mix of social and technical, it involves more of the technical aspects.
Social engineering could possibly be considered the ultimate security vulnerability; it is an active part of almost every facet of daily human life, to varying degrees. It will probably never truely go away, but with regard to social engineering with malicious intent, don't lose hope. Active measures can be taken to control and migitate the effects of social engineering attempts through single, proactive awareness training and support for preventive procedures in daily operations.
Thas all for today. Have a nice day.
Social engineering has always been a dangerous threat to organizations of all types. One of the common reasons for someone to use social engineering is to try and obtain sensitive organizational information or access to a system or facility that normally would not be available to an outsider. Social engineers achieve their goals by identifying targets within an organization to exploit. These targets are either people in certain roles, such as help desk human resources, such as side entrances and garage access points. What the social engineer wants is either informational based or action/result based, and social engineering is either part of the intelligence-gathering process or the exploit and penetration process.
Although we call it social engineering, there is actually a social side and a technique side to the process:Social methods include phone calls, email, and face-to-face contact. Technical methods include posting a fake login page or impersonating a web site.
Social engineers usually want to get information on people, get user account passwords or get them reset, have employee or vendor lists sent to them, get access to remote dial-up connections or VPNs, get information on secret workings or schedules, get into facility entrances, and get people to load Trojans. Although it is mix of social and technical, it involves more of the technical aspects.
Social engineering could possibly be considered the ultimate security vulnerability; it is an active part of almost every facet of daily human life, to varying degrees. It will probably never truely go away, but with regard to social engineering with malicious intent, don't lose hope. Active measures can be taken to control and migitate the effects of social engineering attempts through single, proactive awareness training and support for preventive procedures in daily operations.
Thas all for today. Have a nice day.