HUMAN BASED SOCIAL ENGINEERING



Human-Based Attacks:

Impersonation: Acting like someone else to get access to the information.
They may act as a legitimate user and request for information or they pose as a higher authority and may ask for sensitive information or they pose as a technical support person and try to gather sensitive and confidential details.

Other types are Human-based attacks are:

Dumpster Diving: Any confidential or sensitive document should be properly shredded before disposed into the dustbin. If not, an attacker may just look into the dustbin to access the confidential information.
Eavesdropping: Unauthorized listening to conversations thereby collecting important data is called as eavesdropping.
Shoulder surfing: It is a direct observation technique like looking over someone’s shoulder to know the sensitive information like password, pin numbers, etc.

Reasons:

Due to loose security policies.
The individuals are unaware of the consequences of social engineering attacks.
It’s difficult to detect a social engineering attack.
It’s also an individual responsibility.
There are no hardware or software tools to prevent it.

 PREVIOUS                                                                                               NEXT

Comments

Post a Comment

If you want information about anything else, then tell me in your comment