Social Engineering: Difference between revisions

From
Jump to navigation Jump to search
No edit summary
No edit summary
Line 2: Line 2:


== Example: telephone call ==
== Example: telephone call ==
Hi,
''Hi,


this is Mallory Malicious from the IT security company. You know, I'm responsible for improving your network's safety. Excuse me for using your time, but I have changed the security mode. Now all users have to be updated if they are to have access again. Would you please give me your password, so I can adjust your account properly?
this is Mallory Malicious from the IT security company. You know, I'm responsible for improving your network's safety. Excuse me for using your time, but I have changed the security mode. Now all users have to be updated if they are to have access again. Would you please give me your user name and password, so I can adjust your account properly?


Thank you very much
Thank you very much''


'''Obtained user name and password for access on foreign network.'''


== Example: virus warning ==
''A "socially engineered" worm could be the following E-Mail:''


== Example: virus warning in a mail ==
Hi Alice,
''Hi Alice,


have you heard of this horrible ABC virus?
have you heard of this horrible ABC virus?
Line 22: Line 22:
Have this mail posted to all your friends, too! They might be infected.
Have this mail posted to all your friends, too! They might be infected.


Bob
Bob''

'''Deleted system files and spread a worm.'''

Revision as of 19:59, 14 November 2004

Social Engineering is a type of non-technical retrieval of confidential information or gain of access to computer systems. It makes use of characteristics in human behaviour.

Example: telephone call

Hi,

this is Mallory Malicious from the IT security company. You know, I'm responsible for improving your network's safety. Excuse me for using your time, but I have changed the security mode. Now all users have to be updated if they are to have access again. Would you please give me your user name and password, so I can adjust your account properly?

Thank you very much

Obtained user name and password for access on foreign network.


Example: virus warning in a mail

Hi Alice,

have you heard of this horrible ABC virus? I have been infected! All my files were deleted. It's a total chaos.

If you have this virus you MUST delete it! It hides in your C:\WINDOWS\SYSTEM folder. Look there and delete the EMM386.exe!

Have this mail posted to all your friends, too! They might be infected.

Bob

Deleted system files and spread a worm.

Retrieved from "https://sarwiki.informatik.hu-berlin.de/index.php?title=Social_Engineering&oldid=247"