Almost every type of attack contains some kind of social engineering. The classic email "phishing" and virus scams, for example, are laden with social overtones. Phishing emails attempt to convince users they are in fact from legitimate sources, in the hopes of procuring even a small bit of personal or company data. Emails that contain virus-filled attachments, meanwhile, often purport to be from trusted contacts or offer media content that seems innocuous, such as "funny" or "cute" videos.
In some cases, attackers use more simplistic methods of social engineering to gain network or computer access. For example, a hacker might frequent the public food court of a large office building and "shoulder surf" users working on their tablets or laptops. Doing so can result in a large number of passwords and user names, all without sending an email or writing a line of virus code. Some attacks, meanwhile, rely on actual communication between attackers and victims; here, the attacker pressures the user into granting network access under the guise of a serious problem that needs immediate attention. Anger, guilt and sadness are all used in equal measure to convince users their help is needed and they cannot refuse. Finally, it's important to beware of social engineering as a means of confusion. Many employees and consumers don't realise that with only a few pieces of information — name, date of birth or address — hackers can gain access to multiple networks by masquerading as legitimate users to IT support personnel. From there, it's a simple matter to reset passwords and gain almost unlimited access.
Protection against social engineering starts with education — users must be trained to never click on suspicious links and always guard their log-in credentials, even at the office or at home. In the event that social tactics are successful, however, the likely result is a malware infection. To combat rootkits, Trojans and other bots, it's critical to employ a high-quality Internet security solution that can both eliminate infections and help track their source.
Other articles and links related to Social Engineering
- Types of Social Engineering
- Combining Social Engineering & Malware Implementation Techniques
- Social Engineering Threats
- Phishing Resources
- Spear Phishing
- Top 10 Most Notorious Hackers of All Time
- Mobile Malware Threats to Watch out for!
- Kaspersky Total Security
- Kaspersky Internet Security
- Kaspersky Anti-Virus
- Kaspersky Internet Security for Mac
- Kaspersky Internet Security for Android