What is it?Have you even hear about it? Have you been exposed to it? Whether you like it or not, you know exactly what this is, you know all about this, and not only have you been exposed to this, you’ve even participated in this. Social Engineering is probably the most rudimentary but most effective means of hacking that not only I know of, but probably widely known in the Black Hat community.
What Is It Tim!
Social Engineering or S.E. as it’s refered to is merely your way of TALKING information out of your victim. “Tim, that’s definitely you’re bread and butter” and yes, you’re right it refers to anything that deals with anything about talking. Social Engineering, in relation to hacking is dealt with whatever the hacker is trying to get.
Say a hacker wanted your password. Now you wouldn’t normally post that your password was your dog’s name “Princess” and the number “123” but perhaps you’ll talk about princess. So say the hacker talked to you, got to know you a little. Hey, how are you? Do you have a facebook? Oh do you have a myspace? Oh look at that dog of yours, what a cute dog, what’s it name? Oh princess, what a sweet name, my dog is name Pinky, yea I named it off that rat from the cartoon………see, it seems like a simple conversation, but really I learned some information about you, I learned you have a dog…check…….i learned your dog’s name is Princess…..check…..what do you know about me Mr Hacker….that I MAY…MAY have a dog too, named Pinky….named after a show called Pinky and the Brain…..yea, I know more about you than you know about me.
That’s too simplistic, give me another example
Okay, you have AntiVirus, in fact you have the famous Norton that is out. I hate Norton and in my younger years, I’ve fallen for this gag. So you have Norton and one day you see that you have an email “Warning Will Robinson, you’re antivirus is fucked up, download our Update and get protection” Obviously it was an email FROM Norton or else I would have given the Middle Finger, but it turns out this hacker was smart. They used a very SIMPLE form of SOCIAL ENGINEERING, by means of sending out into the wild an EMAIL that states it’s FROM Norton, the FROM address SAYS Norton, and it doesn’t ask for anything from me but to download. What does me the victim normally intend to do? Well normally we do 1 of 2 things, we DELETE (like we should) or we listen to the email and DOWNLOAD. So what’s the engineering. The design of this email is in the fact that the hacker KNOWS that his virus will either A be used, or B get deleted.
THIS IS JUST ONE FORM OF SOCIAL ENGINEERING AS PER RATS….Stay tuned for a small bit about social engineering in regards to getting FREE stuff (*cough* *cough* stealing *cough* *cough*)