MD4 Social Engineering: The criminal art of persuasion Flashcards
There are multiple stages of social engineering attacks.
Prepare
The first is usually to prepare. At this stage, attackers gather information about their target. Using the intel, they’ll determine the best way to exploit them.
Social engineering
Social engineering is a manipulation technique that exploits human error to gain private information, access, or valuables.
These tactics trick people into breaking normal security procedures on the attacker’s behalf. This can lead to data exposures, widespread malware infections, or unauthorized access to restricted systems.
There are multiple stages of social engineering attacks.
Pretexting
In the next stage, attackers establish trust. This is often referred to as pretexting. Here, attackers use the information they gathered earlier to open a line of communication. They’ll typically disguise themselves to trick their target into a false sense of trust.
There are multiple stages of social engineering attacks.
Persuasion tactics
After that, attackers use persuasion tactics. This stage is where the earlier preparation really matters. This is when the attacker manipulates their target into volunteering information. Sometimes they do this by using specific vocabulary that makes them sound like a member of the organisation.
There are multiple stages of social engineering attacks.
Disconnect from target
The final stage of the process is to disconnect from the target. After they collect the information they want, attackers break communication with their target. They disappear to cover their tracks.
Preventing Social engineering attacks
- Implementing managerial controls
- Staying informed on trends
- Share what you know with others
