Social Engineering

Social Engineering

Social engineering involves manipulating people into handing over confidential information. This confidential information could be used to gain access to accounts or to steal identities (e.g. take out credit cards and loans in someone else’s name).

Blagging (Pretexting)

Also known as pretexting, this involves someone lying to convince someone to supply personal details or login information. The person may pretend that they need the information to confirm the persons identity or to secure their accounts.

Pharming

This is where uses are redirected to a ‘fake’ website. Users then enter their login details and maybe even their credit card details on the site. This can be done in a number of ways – malware could be installed on the users computer to redirect users on that particular computer. Or the DNS of the ISP could be compromised and all users could be redirected to the illegitimate site.

Phishing

This is where emails and messages (e.g. What’sApp messages) are sent to try and convince the recipient to supply sensitive information. The emails may tell the recipient that they have won a prize and so need to supply data or might pretend that they are from a reputable company that need to confirm their details.

Shouldering

This is very simple – people simply watch (sometimes over your shoulder) when you are typing in your login details on your phone, laptop or commonly at ATMs. (Thanks Ben for spotting the deliberate spelling mistake!)

%d bloggers like this: