In this article, we are telling you about Social Engineering in Cyber Security in detail, we have already told you about social engineering cyber security but here we are trying to tell you in more depth.
We hope that you will enjoy knowing about social engineering cyber security in depth and this article will be useful for you, we want to clear you one thing, most of the concepts mentioned here are of Comptia s +.
If you have not read our earlier social engineering example articles, then you must read them, we are not giving you the definition of social engineering here because it has already been told to you, here we are telling you about social engineering Techniques or methodologies in detail.
It cannot be said how much this Social Engineering in Cyber Security article increases, but if you read our Social Engineering in Cyber Security article, you will know a lot about Social Engineering.
Note – This article is only for educational Purpose. Don’t miss use your Knowledge and Skills.
Importance of Social Engineering in Cyber Security ?
We have told you about Importance of Social Engineering in Cyber Security in many articles in the past if you have not read our articles, you can also read them here link you are being given.
At the same time, here you will not be told anything that we have told you in the previous articles here we are trying to tell you about Social Engineering in Cyber Security in depth. We hope you like our article.
Social Engineering Activities
As the name suggests, in Social Engineering Activities, you can keep all that you can call activities in Social Engineering like Reconnaissance, Credential Harvesting, Identity Theft, Credit Card fraud, Espiionage etc.
Here we are telling you in detail about all these social engineering activities, we have already told you about Information Gathering, but here we are telling you what is the use of Information Gathering in Social Engineering.
Reconnaissance
You must have heard about Reconnaissance many times before, which we also call Information Gathering, the first activity in Social Engineering in Cyber Security also comes Reconnaissance, here Reconnaissance is used in many ways.
It depends on what kind of attack a hacker who is a victim wants to perform on him or what the hacker wants from the victim, let’s try to understand it with an example.
For example, suppose the target of a hacker is on WhatsApp and the hacker has the victim’s mobile number, in such a way, a hacker collects the victim’s information using the same mobile number as his social media accounts, his number’s information like this. In this case, if social media accounts are found using OSINT, in such a situation, hackers can know the behavior of the victim somewhere and can use social engineering on it.
Credential Harvesting
Credential Harvesting is known as the name in simple language, where the process of username and password details is called Credential Harvesting, now there can be a way like Phishing attack.
Identity Theft
Here Identity Theft means Email in a Hackers Social Engineering in Cyber Security and Information collect through calls as we have told you about Email Spoofing.
Let’s try to understand you by example Hackers Email Spoofing and can collect Information using Phishing attack together Here you are given an example of a variety of ways in which Social engineering through Hackers emails and calls.
Credit Card fraud
As the name suggests Credit Card fraud in an easy language, if you say that you collect the information of Hackers Credit Card here, here we cannot tell you an example of this because the example that is not said is related from Carding.
But we understand you in simple language, as if using Hackers Social Engineering collect the information of Users Credit Card or Credit Card fraud in any way, it comes in the category of Credit Card fraud.
Espionage
There is also a term Espionage in Social Engineering in Cyber Security which is rarely talked about here we are telling you about Espionage if you have read about CompTIA S+ so you must be aware of Espionage.
Let us understand the meaning of Espionage as if there are two company or Organization and they both give the same services. In such a case, if a employee of one company or company spy on another company, it is called Espionage. In easy language, when a company or Organization spy another company or Organization, it is called Espionage.
Malware Distribution
Malware Distribution as the name suggests, spreading a Virus in any way Network or company or organization here you can understand the example of Worm Virus Worm Virus you are told in the COMPUTER VIRUS article you can read our article.
Social Engineering psychology
It is very important to understand psychology in Social Engineering in Cyber Security as a Hacker convince your victim on the base of psychology and We are being told some terms about Social Engineering psychology here.
Respond to Authority
Here Respond to authority means an attacker calls by becoming an employee of an organization which is a legit Here we are telling you a real time example which happened to us some time back.
Some time ago a courier had to come to our house and before that courier came, we got a call, we were told that your courier is stuck somewhere, if you want to get your courier released, then you can send 5 rupees by clicking on our link.
In such a situation, we did not do this because we knew that this does not happen and he would either take the information of our debit card or similarly fraud with 5 rupees from many people, in such a situation, you yourself think if that person is 5 than 100 people. takes rupees, in this way he gets 500 rupees.
Trust People
As the name suggests, a attacker victim Trust gain and Social Engineering something, where Trust can be about anything like in some kind of relationship or about some kind of products.
Desire to be Responsive
The next term Desire to be Responsive in the Social Engineering in Cyber Security in which a attacker victim convince using some kind of legit products can be from any company legit products.
Fear to Getting in Trouble
As the name suggests Fear to Getting in Trouble it either information collect a attacker victim by Social Engineering it fearing to get into some kind of trouble or trying to trap some kind of attack here fear can be of any kind.
Threat of harm
Threat of harm threatens to reach a attacker victim physically harm and implicates him in some kind of attack or tries to get out of victim secret information like Username passwords or any kind of Credit card information etc.
Promise of reward
You understand easily about Promise of Reward and you must have seen it at some point of time where you are given points for any kind of referral or some activity is done by giving you some kind of greed.
Like we see in the coming days that we get many such links in groups that if you want free laptop, then fill this form as well as through your Ecommerce websites you will have seen such things spin and earn but in reality. All this is Social Engineering, so you should be aware of all this.
Need to Know
In Social Engineering in Cyber Security, some terms may be new to you like Need to Know Here we tell you in simple language like your victim wants to know about another person or celebrity, in such a way Hackers will know about him and then hackers do Social Engineering by telling him.
For example, suppose a user is an actor, he is a fan, in such a situation, if the attacker wants, by creating a web page about which the actor is written, he can get redirected to any of his malicious pages through internal linking.
Social Engineering attack vectors
There are many types of attack vectors in Social Engineering in Cyber Security, about which we have already told you in the articles on Human Based Social Engineering and Computer Based Social Engineering, which you were not told about before, you will be told about them here.
Spear Phishing
You must have heard about Spear Phishing before, we have already told you about Phishing attack and Whaling, you must read about them once, here we are telling you about Spear Phishing.
If we understand Spear Phishing in easy language, then you can say that when the target of an attacker is a specific person, in such a situation it is called Spear Phishing, some people have confusion in whaling and Spear Phishing.
Here we would like to tell you that the target of a hacker in Spear Phishing is any one specific person from a company, whereas the target of a hacker in whaling is a high profile person of a company, now here you can understand the difference by relating it anywhere.
Vishing and SMSishing
In Social Engineering in Cyber Security, our next attack is Vector Vishing and SMSishing, as the name suggests, when an attacker does social engineering by calling, it is called Vishing, that is if social engineering is done through SMS. This is called SMSishing.
Apart from these, Watering Hole Attack, Bait and Switch Attack, Shoulder Surfing, Hoax Letters, Chain Letters, Spam Emails , Email Spoofing. we have told you all this before, you will find all this in articles with Human Based Social Engineering and Computer Based Social Engineering .
Quid pro quo
Quid pro Quo is an attack vector of social engineering, if you say in easy language, then you can say that when a hacker performs some kind of attack by treating people like helping people or does social engineering, in such a way it is called Quid pro Quo.
For example, suppose there is a company, it has two employees, in such a situation, one employee is not able to login to his company profile, in such a situation, if the other employee says that he helps, tell his user name password, in such a situation he will help him on the pretext of helping. Takes the user name password, here this process is called Quid Pro Quo in Social Engineering in Cyber Security.
Scare ware
Scare ware is an interesting social engineering attack vector, which is used a lot in today’s time, here we are telling you in easy language which you can easily to relate.
Here Scare ware means when a hacker does something which is to gain the attention of others, it is called Scare ware like suppose an attacker does a free webinar of some kind of product or service so that he introduces his service. In such a situation, that product or service is not valuable, but still hackers promote it in such a way that they easily gain the attention of others.
There are more such attack vectors in Social Engineering in Cyber Security like honey traps here the meaning of honey traps becomes a bit adult, so it cannot be told to you here, we are sharing your pdf here, you download that honey traps can know about.
Influence Campaigns
In today’s time, Influence Campaigns Techniques are used a lot in Social Engineering in Cyber Security. Before going about Influence Campaigns, you have to understand that Campaigns If you know about Digital Marketing, then you will know about Campaigns. know
You must have heard about our Facebook ads or Google AdWords, when we run any kind of online ads for any of our products or services, we have to create campaigns, here these campaigns are also used in social engineering.
Non State Actors
Here the meaning of Non State Actors is that Hackers try to change the mindset of the users by running campaigns and try to entice them into their trap, like any kind of fake services should be made using campaigns in such a way that the mindset of the users is changed. Go and he comes in their talk, in such a situation it comes in Non Stat Actors.
State Actors
By running campaigns in State Actors, users of another country are targeted, such as if any service in India is changed through campaigns to change the mindset of users of another user’s country, then it comes in State Actors. If you know well about Facebook ads and Google AdWords, then you can understand that you can also target any particular country or city.
Influence Campaigns Techniques
There are also some such terms in Social Engineering in Cyber Security which we keep in Influence Campaign Techniques like Pretexting, Gaslighting, deep fake, Disinformation etc. Here we are telling you about them.
Pretexting
There is a very interesting term in Pretexting Social Engineering in Cyber Security, if we say Pretexting in one word, then we can also call it story telling, like a hacker knows some information about his victim, in such a way he can create a story in this way. Do that the victim trusts them and tells everything about themselves.
Similarly, pretexting can also be used by creating campaigns, as if you know about a service, in such a situation, you can run fake campaigns about that service, seeing that users trust them and come to their talk.
Gaslighting
We try to understand Gaslighting in easy language, like suppose Hackers provide some kind of wrong information using campaigns, in such a way this technique is called Gaslighting, if Mislead is done by using similar campaigns, in such a way that is called Disinformation.
Deep fake
In Social Engineering in Cyber Security, Deep Fake means Artificial Intelligence, like you must have seen many such software’s using which we can generate different types of voices, here similar things are used when campaigns are used like this. In this it is called Deep Fake.
Similarly, if hackers use the voice of such a person whom the victims know and can trust their words, in such a situation it also comes in Deep Fake, if you say in easy language, then do social engineering using the voice of a known person.
Countering Social Engineering
The most important thing in this article in Social Engineering in Cyber Security is that how can you stay safe from Social Engineering attacks, we are telling you some steps, knowing about which you can avoid Social Engineering attacks to some extent.
Like most important is user awareness, if here we are not saying that antivirus or firewall cannot keep your devices secure, but if you are not aware of cyber security, then antivirus, firewall or browser security will also give you complete hacking. Can’t protect from attacks.
We are telling this from our experience when I started in the field of cyber security, then despite having antivirus, virus came in laptop because sometimes we inadvertently allow Unwanted software’s even after giving warning of antivirus, so User awareness is most important.
Apart from this, you should always keep your software’s and browsers updated, as well as you should not plug any such pen drive in your devices, as well as if there is a company in there, cameras must be installed there.
The Conclusion
We hope that you must have come to know about Social Engineering in Cyber Security very well, we have told you a lot about Social Engineering in Cyber Security here.
If you read this article on Social Engineering in Cyber Security and all the articles on Social Engineering in Cyber Security on our website, then you will know a lot about Social Engineering.
We know that our article on Social Engineering in Cyber Security has increased, but here we have tried to tell you more and more about Social Engineering, we hope that you will definitely share this article of ours.
Here we will try to telling you Social Engineering in Cyber Security in detail.
Subscribe to our blog for latest Updates
Sharing is Caring
Thankyou….
Leave a Reply