NILADIC, Thursday 16 Shahrivar 1396, 12:25 PM
# What is social engineering?
It’s generally defined as any type of attack that is nontechnical in nature and that involves some type of human interaction, with the goal of tricking or coercing a victim into revealing information or violating normal security practices.

**NOTE:** This attack category relies on the weaknesses or strengths of human beings rather than on the application of technology.

“There is no patch for human stupidity.”

For example, Trojans exploit social engineering to entice a victim to open an executable or attachment that is infected with malware.

Another example of how social engineering works is the case of scareware. This type of malware is designed to frighten a victim into taking action when none is necessary. The best example is fake antivirus products that prompt users with very realistic, but fake, messages that they should download an “antivirus” to disinfect their system.

# Some common signs of social engineering:

- Use of authority by an attacker, such as making overt references to who they are or who they know, or even making threats based on their claimed power or authority.
- Inability to give valid contact information that would allow the attacker to be called or contacted as needed.
- Making informal or off-the-book requests designed to encourage the victim to give out information that they may not otherwise give.
- Excessive name-dropping as to who the attacker knows inside the organization.
- Excessive use of praise or compliments designed to flatter a victim.
- Show of discomfort or uneasiness when questioned.
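As an added example (not code from the original post), here is a small Python triage helper that turns the signs listed above into checks a help desk could run over a written request before acting on it. The phrase patterns, the two-sign threshold, the `find_indicators` and `triage` function names and the two sample requests are all constructed assumptions chosen for illustration; a real deployment would tune the phrases to the organization's own language and ticket format.

```python
"""
Triage helper that scores an inbound request against the social-engineering
signs listed above. Added example, not part of the original post: the phrase
patterns, the threshold and the sample messages are constructed assumptions.
"""
import re

# Sign -> phrase patterns that commonly express it in a written request.
# (Sign 2, missing contact information, is checked separately below.)
INDICATORS = {
    "authority": [
        r"\bI am the (ceo|cfo|cio|director|vp|vice president)\b",
        r"\bon behalf of (the )?(ceo|board|legal)\b",
        r"\byou('ll| will) be (fired|reported|disciplined)\b",
    ],
    "off_the_book": [
        r"\bdon'?t (tell|mention|log|ticket)\b",
        r"\bkeep this between us\b",
        r"\bskip the (usual|normal) (process|procedure)\b",
        r"\bno need (for|to open) a ticket\b",
    ],
    "name_dropping": [
        r"\b(talked|spoke) (to|with) [A-Z][a-z]+ (in|from) \w+\b",
    ],
    "flattery": [
        r"\byou('re| are) (the best|so helpful|a lifesaver)\b",
        r"\beveryone says you\b",
    ],
    "evasive": [
        r"\bwhy (do you|does it) (need|matter)\b",
        r"\bjust do it\b",
        r"\bI don'?t have time for\b",
    ],
}

# A phone number or extension counts as valid callback information (sign 2).
CALLBACK = re.compile(r"(\+?\d[\d\s().-]{6,}\d)|(\bext\.?\s*\d+)", re.I)

# Assumed threshold: two or more signs means verify through a known channel.
VERIFY_THRESHOLD = 2


def find_indicators(message: str) -> list[str]:
    """Return the names of the signs whose phrases appear in the message."""
    hits = [name for name, patterns in INDICATORS.items()
            if any(re.search(p, message, re.I) for p in patterns)]
    if not CALLBACK.search(message):
        hits.append("no_contact_info")
    return hits


def triage(message: str) -> dict:
    """Score a request and decide whether it needs out-of-band verification."""
    hits = find_indicators(message)
    verdict = "verify_out_of_band" if len(hits) >= VERIFY_THRESHOLD else "normal"
    return {"indicators": hits, "score": len(hits), "verdict": verdict}


# Constructed sample requests (not real tickets).
SAMPLES = {
    "benign": ("Hi, my badge reader on floor 3 is flaky. Can you open a ticket? "
               "Call me back on 555-0142 ext. 211 if you need details."),
    "suspicious": ("I am the CFO and I don't have time for this. I spoke with Dave "
                   "in Finance already; no need for a ticket, just reset my VPN "
                   "password and email it to my personal address. Keep this between us."),
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(label, triage(text))
```

Run as a script it prints the indicators, score and verdict for both samples. The point of the verdict is not to reject a request but to route it to the check the second sign already implies: call the requester back on a number taken from the company directory, not from the message itself, before doing anything.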


# Why does social engineering work?
It works for two reasons:
1) Trust
2) Human habit and nature: human beings tend to follow certain default habits and actions without thinking. A good social engineer can observe these habits and use them to track people or follow the actions of groups, and so gain entry to buildings or access to information.


# Social-engineering phases:
1. Gather information and details about a target through research and observation. Sources of information can include dumpster diving, phishing, websites, employees, company tours, or other interactions.
2. Select a specific individual or group that may have the access or information you need to get closer to the desired target. Look for sources such as people who are frustrated, overconfident, or arrogant and willing to provide information readily.
3. Forge a relationship with the intended victim through conversations, discussions, e-mails, or other means.
4. Exploit the relationship with the victim, and extract the desired information.

These phases can be summarized as:
- Research (step 1)
- Develop (steps 2 and 3)
- Exploit (step 4)




# Results of successful social engineering:
- Economic loss
- Terrorism
- Loss of privacy
- Lawsuits and arbitrations
- Loss of goodwill
and so on.



# Who can be a target of social engineering?
Receptionists, help desk personnel, users, executives, system administrators, and outside vendors. Why are these people targets?

Receptionists: as one of the first people visitors see in many companies, they represent prime targets. They see a lot of people go in and out of an office, and they hear a lot of things. Establishing a rapport with these individuals can easily yield information that’s useful on its own or for future attacks.

Help desk personnel: offer another tempting and valuable target due to the information they may have about infrastructure, among other things. Filing fake support requests or asking these personnel leading questions can yield valuable information.

System administrators: can also be valuable targets of opportunity, again due to the information they possess. The typical administrator can be counted on to have very high-level knowledge of infrastructure and applications as well as future development plans. Additionally, some system admins possess far-reaching knowledge about the entire company’s network and infrastructure.


# What is social networking?
Put simply, it is social engineering that uses social networks and what they contain. There is a lot of information an attacker can find about targets on social networks, including:
- Personal information
- Photos
- Location information
- Friend information
- Business information
- Likes and dislikes

Social networking has made the attacker’s job much easier because of the sheer volume of data and personal information available.


So be aware: when you want to post something on a social network, ask yourself the questions below:
- Have you thought about what to share?
- How sensitive is the information being posted, and could it be used negatively?
- Is this information that you would freely share offline?
- Is this information that you wish to make available for a long time, if not forever?

There are some mistakes that people make on their social networks:
1) Using the same password for their social media accounts and for other websites
2) Sharing too much information about themselves



## Defending against social-networking attacks:
1) Discourage the practice of mixing personal and professional information in social-networking situations.
2) Always verify contacts, and don’t connect to just anyone online.
3) Avoid reusing passwords across multiple social-networking sites or locations, to avoid mass compromise.
4) Don’t post just anything online.
5) Avoid posting personal information that can be used to determine more about you.


# Some common social-engineering techniques:
- Malware
- Shoulder surfing: this type of attack takes place when one party is able to look over another’s shoulder or spy on another’s screen.
- Eavesdropping: this involves listening in on conversations, videos, phone calls, e-mails, and other communications with the intent of gathering information that an attacker would not otherwise be authorized to have.
- Dumpster diving: searching through the target’s trash.
- Phishing





# Some tips for defending against social engineering:
- Be careful accessing sensitive information in a public place. Even on a secured connection or a VPN, people can see what you type on a laptop screen. You may reveal sensitive information to a person walking by with a camera phone while you do your online banking. The same is true in an office, where a nosy coworker peering over a cubicle wall or an unscrupulous network administrator spying on a workstation can snag a password.

- Don’t save personal information casually on shopping websites. Most shopping sites offer to save credit card and address information for easier checkout in the future. Although the information is supposedly secure, many thefts of such information have occurred recently.

- Be careful about posting personal information. People love to chat and share or post the details of their personal lives on social-networking sites such as Facebook. They give the public access to their information and then complain about privacy issues.

- Keep your computer personal. Internet browsers such as Internet Explorer and Mozilla Firefox make it easy to store passwords and form information. Anyone who opens such a web browser can check the browsing history, visit secure sites, and automatically log in as you, if you opt to have the browser save your password. Avoid storing passwords—or, better yet, password-protect your computer and lock it when not in use. Make a second account on the computer for other people to use so information is kept separate, and make sure that account is password-protected and not given high-level access such as that available to an administrator.




In past years, attackers have used another approach to social engineering. In this method, for example, someone calls you and talks about your account, but it is actually not your account; they are talking about someone else’s. You say, “Sorry, that’s not mine,” and the caller asks, “So what is yours?”, and you give your own account details to the attacker. This is an example of the newer social-engineering attacks, so be careful.



# Knowing what information is available about a target:
First google the target. If you do not get enough information that way, use social networks such as:
- Facebook
- Twitter
- LinkedIn
- Instagram
- MySpace
and people search services such as:
- Spokeo
- shodan.io
- 411.com
- Intelius
- Zabasearch
- censys.io