09 May 2011

You must know what is Social Engineering Attack!!



Social engineering is a fancy name for manipulating a person into giving you access to which you are not normally entitled.    This almost always involves lying about your identity or your intent. Here is a transcript of a class social engineering trick used to convice a user to divulge his password:


[user] Hello?
[hacker] Hi, this is Bob from IT Security. We’ve had a security breach on the system and we need every user to  verify their username and password.
[user] What do I need to do?
[hacker] Let’s walk through a login, just to make sure everything is fine.
[user] OK
[hacker] OK, go ahead and login. What username are you coming in as?
[user] My username is “smith”.
[hacker] Excellent. What password are you using?
[user] I am using the password “drowssap”.
[hacker] Do you have a system prompt yet?
[user] Yes, I’m in.
[hacker] OK, there you are. I see you now. Everything is fine. We appreciate your cooperation.
[user] OK, goodnight.
[hacker] Thanks again, goodbye.

Always Remember never tell your password to anyone......even Bank staff can not ask you for password!

Stay Safe..
hv gr8 day!

ABOUT THE AUTHOR
AbhiShek SinGh
Founder of 'TheHackingArticles'. Cyber Security Analyst, Cyber Security Researcher, and Software Engineer. Follow 'AbhiShek SinGh' on Facebook , Twitter or Google+ or via Email

Subscribe to stay up to date