Site icon Novalis

How much do you know about social engineering? – Part 2

In the previous, I have discussed social engineering and some of its attacks (Baiting, Phishing, Spear Phishing and Email hacking and Contact spamming). Today, I am going to discuss its remaining types.

Scareware: – It is also known as deception software, rogue scanner software, or fraudware. In this attack, false reminders or threats are sent to victims system which upon clicking or installing impose serious threats and their systems get infected with malware. Example- while using the web, sometimes a popup is displayed regarding virus with a suggestion like to install software or you go to an infectious website.

Pretexting: – Here, criminal gathers all sensitive information about the victim in a clever manner which is further utilized to commit any offending activity. A criminal initiate by maintaining trust with the victim and slowly mold the things in such a way that victim does not find anything fishy and shares all his/her personal data with the hacker like address, phone number, bank records, security numbers, etc.

For example- you got an email like you won a lottery of $50, 00, 00,000 and they ask you your personal account details in order to transfer the money which is merely fraud and they want to hack your account details. With this, they become eligible to withdraw your money from your account.

Quid pro quo: – These attacks are based on exchange offers i.e. Have something in return for something. A criminal plays with the mind of the victim by this offer; thinking to be the original offer, the victim often falls prey and truth comes out. Such as- the victim got a call from IT support technician and he might give all the information to criminal just with a hope that he is getting assistance from a specialist, however, the criminal might be injecting virus or stealing personal data from victims system.

Vishing: – It is similar to the phishing attack, the word ‘V’ of vishing stands voice. We can say that it is the voice version of phishing. The criminal makes use of phone call to commit this crime. To cite an example- criminal acting like a worker of the same company where the victim works, cleverly ask for any kind of sensitive information regarding company or employees in order to harm them.

Hunting: – It is a one-off attack; attackers use phishing, baiting, and other social engineering attacks to gather all the data from the victim without much interaction.

Farming: – This is a long term method, where a criminal builds a relationship with his target/victim with the main motive of extracting out as much information as possible without considering the time factor.

So, that’s all about the various kinds of attacks involved in social engineering. I hope the above-stated information is best for your knowledge.

For more great content like this, subscribe to our monthly newsletter:

[newsletter]

Exit mobile version