2.2.10 Footprinting through Social Engineering

Footprinting through Social Engineering

  • Social engineering is an art of exploiting human behavior to extract confidential information.
  • Social engineers depend on the fact that people are unaware of their valuable information and are careless about protecting it.
  • Social engineers attempt to gather:
    • Credit card details and social security number
    • User names and passwords
    • Security products in use
    • Operating systems and software versions
    • Network layout information
    • IP addresses and names of servers
  • Social engineering techniques:
    • Eavesdropping
    • Shoulder surfing
    • Dumpster diving
    • Impersonation on social networking sites

Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving

  • Eavesdropping:
    • Eavesdropping is unauthorized listening of conversations or reading of messages.
    • It is interception of any form of communication such as audio, video, or written.
  • Shoulder Surfing:
    • Shoulder surfing is a technique, where attackers secretly observes the target to gain critical information
    • Attackers gather information such as passwords, personal identification number, account numbers, credit card information, etc.
  • Dumpster Diving:
    • Dumpster diving is looking for treasure in someone else's trash.
    • It involves collection of phone bills, contact information, financial information, operations related information, etc. from the target company's trash bins, printer trash bins, user desk for sticky notes, etc.

results matching ""

    No results matching ""