What is Social Engineering? Or perhaps lets ask what is a social engineer?
Perhaps an individual’s answer may be that they are a type of social media architect responsible for designing social media platforms? Or even someone who organizes and conducts Social gatherings of people for a common reason or event. If you thought along the lines of either of the previous two examples you would be wrong. Think more maliciously.
Social Engineering is the practice of fooling or tricking individuals often over the phone by impersonating a company or organisation in an attempt to obtain sensitive information or persuade the individual to break standard security protocols.
The Fraudster attempts to manipulate an individuals natural human tendency to trust in order to further his/her own malicious means. The hacker’s ultimate goal would be to remotely take over your computer in order to advance their own agenda by stealing credit card numbers, online banking logins or harvesting personal data for sale to identity thieves.Often these fraudsters will either attempt to gather information about you over a period of time in order to build a profile on you, as well as to build trust in order to get their “target” to reveal sensitive information.
A fraudster can also try a “numbers approach” to social engineering which would be similar to how phishing attacks are carried out. A Fraudster or syndicate of fraudsters would attempt to contact thousands of individuals pretending to be reputable companies that these individuals utilize the services of, on a daily basis. They (The fraudsters) would then convince these individuals(Targets) that there is a problem with their service and that they need them to either perform certain actions on their computers causing them to violate computer security, leaving their computers vulnerable and easily accessible by the fraudster.
In a recent article by Fin24, South Africans have been victims of fraudsters practicing social engineering. Read the full articles here:
The Identity Guard Team.