HUMAN BASED SOCIAL ENGINEERING
Human-Based Attacks:
Impersonation: Acting like someone else to get access to the information.
They may act as a legitimate user and request for information or they pose as a higher authority and may ask for sensitive information or they pose as a technical support person and try to gather sensitive and confidential details.
Other types are Human-based attacks are:
Dumpster Diving: Any confidential or sensitive document should be properly shredded before disposed into the dustbin. If not, an attacker may just look into the dustbin to access the confidential information.
Eavesdropping: Unauthorized listening to conversations thereby collecting important data is called as eavesdropping.
Shoulder surfing: It is a direct observation technique like looking over someone’s shoulder to know the sensitive information like password, pin numbers, etc.
Reasons:
Due to loose security policies.
The individuals are unaware of the consequences of social engineering attacks.
It’s difficult to detect a social engineering attack.
It’s also an individual responsibility.
Comments
Post a Comment
If you want information about anything else, then tell me in your comment