Tuesday, August 2, 2011

Are You Aware of Social Engineering??


Hacking and social engineering are closely linked. We often believe that a hacker steals our passwords, credit card information and so on through electronic means, or through his/her knowledge and skill in the computer world, but that is not always the case.

Wouldn’t it be easy for a hacker to find your password simply by seeing what you typed?

A social engineer uses social means to find confidential information. He/she tries to gather as much personal information about the target as possible, then uses that information to try every combination of password built from it. It is therefore easy for a hacker to crack your password or credit card details in case those sensitive and confidential words come from something related to you, say the name of your pet, the name of your girlfriend combined with your vehicle number, or the name of your teacher.
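The weakness described above can be checked for when a password is chosen. The following Python check is an added example, not part of the original post: it flags a password that contains the user's own personal details, including simple character substitutions and reversed spellings. The function names, the substitution table and the sample profile are constructed for illustration.

```python
import re

# Character substitutions undone before comparing (assumed, not exhaustive).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})
MIN_LEN = 4  # ignore very short pieces to limit false positives

# Constructed sample profile: the kind of details the post lists.
SAMPLE_PROFILE = {
    "pet": "Tommy",
    "partner": "Anita Rao",
    "vehicle": "MH12 AB 1234",
    "teacher": "Mr. Sharma",
    "dob": "1990-08-02",
}

def _alnum(text):
    """Lowercase and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def _tokens(value):
    """Pieces of a profile value worth matching: each word plus the joined whole."""
    parts = re.split(r"[^a-z0-9]+", value.lower())
    return {p for p in parts + ["".join(parts)] if len(p) >= MIN_LEN}

def personal_info_hits(password, profile):
    """Return the sorted profile fields whose value appears in the password."""
    plain = _alnum(password)                    # case and symbols ignored
    unleet = _alnum(password.translate(LEET))   # "T0mmy" becomes "tommy"
    hits = []
    for field, value in profile.items():
        for tok in _tokens(value):
            # direct match, match after undoing substitutions, or reversed
            if tok in plain or tok in unleet or tok[::-1] in plain:
                hits.append(field)
                break
    return sorted(hits)

if __name__ == "__main__":
    for candidate in ("Anita@MH12AB1234", "T0mmy#2024", "amrahS_99",
                      "correct-horse-battery-staple"):
        hits = personal_info_hits(candidate, SAMPLE_PROFILE)
        print(candidate, "->", "reject: " + ", ".join(hits) if hits else "ok")
```

A password that returns an empty list here is only free of the listed personal details; the check says nothing about its strength otherwise.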

Social engineering is done in the following ways.

Phishing: A person or group creates a fake website, or, more precisely, impersonates the original website. Through links in email or on a social network, the target is tempted to click (the target or victim thinks it is a trustworthy website known to him/her) and to provide confidential details such as date of birth, card details and so on in a page of the impersonated website.

Shoulder Surfing: Let’s understand it by an example. Suppose you are in a cyber café and you log in to one of your online accounts. What if a person behind you sees what you have just typed? Because a cyber café is a public place, there is a huge probability that the password you typed is being carefully noted by someone. This is shoulder surfing.

Dumpster Diving: We regularly throw garbage in the dustbin. Some people (those hackers or fraudsters) go through one’s discarded garbage to learn personal details, as very few people take care to dispose of sensitive documents properly. As I said earlier, personal details can lead the way to cracking one’s password.


Thus a social engineer will go to extreme lengths to obtain personal information. The ways may include the 3 points mentioned above and beyond.

Avoid Shoulder Surfing: Shoulder surfing can easily be avoided by tweaking your password a little. Make sure your password contains at least one letter in upper case and one in lower case, and/or includes a particular letter, number or symbol twice consecutively. This would prevent others from noting what you have just typed, as a character typed twice (or more times) consecutively won’t be easily visible or noticeable to the fraudster or hacker.
