What is social engineering?

Have you ever received a message that said, “Hi. Can you borrow 2000 until Tuesday?” If so, then you have already encountered social engineering.

Social engineering began to gain popularity along with the popularity of the Internet. Statistics say that in 2021 alone, cases of social engineering have become 2 times more frequent. The scammers realized that the easiest way to deceive a person is by using the human factor. It is much more difficult to hack the site’s security system. People are ready to provide personal data themselves. As a rule, the main targets of fraudsters are the user’s personal data or his finances.

What is social engineering and how did it appear?

Many of us have encountered cases of social engineering. Someone called and asked for money. Someone called from the bank, saying that their account was hacked and they needed to send money to another account. What is social engineering?

Social engineering is a set of psychological and sociological techniques, methods, and technologies that allow you to obtain confidential information.

Social engineers are people who use similar methods to collect information about a person. People themselves give information that can cause them harm in the future. A simple example: a person is called and told that his relative has been in a serious accident, and they demand money for treatment. The person is so scared that, not understanding the situation, he sends the specified amount to an unknown number. Or a person receives a message from a friend that his mother is sick, and they demand money for an operation. Naturally, a person immediately tries to help a friend and sends money. And only then contacts his friend to find out information. Despite the fact that the police are spreading information about social engineering methods, many people continue to believe scammers. After the money has already been sent, it is difficult for the police to find the criminals, since the person himself provided the information or sent the money. In fact, no one forced him.

Now scammers have moved to a new level and prefer to work via the Internet. Therefore, the concepts of social engineering and cybercrime are closely related.

The most popular methods of social engineering

Cases of social engineering are becoming more frequent due to human inattention. Few of us check the addresses of the letter that came to the email. In addition, we follow all the links that are sent to us.

Despite the fact that social engineering is aimed at using the human factor, most episodes follow a proven scenario. Social engineers prefer to use classical methods that work best.

Phishing

In this case, social engineers rely on the inattention of the user. As a rule, a message or letter with a link is sent to the user’s mail, which urgently needs to be followed. Many users are used to receiving standard promotional mailings and do not even look where and why they go. As a result, a fraudster can gain access to all user data, from the name to the credit card number.

Trojan

A message comes in the mail stating that the user has won a large amount of money. But the message contains a virus, just like the Greeks in the Trojan horse. Naturally, greed takes over, and the user follows the link. And cybercriminals have already learned how to make such files and links so that the user could not guess in any way that they contain a virus. That’s it. He’s already on the hook for scammers.

Qui pro quo

As a rule, cybercriminals pose as employees of the company’s support service. They call or send a message to the user saying that the system is faulty. To avoid errors in the program or system, certain actions should be performed. As a result, the fraudster gets what he wants.

Social engineering assumes that a person will be completely trusted. Otherwise he will simply not provide data. As a rule, scammers are presented by people or services that they trust. It can be not only relatives and close friends, but also various support services, bank employees, and even the police. It’s not easy to find a social engineer, but it’s possible. They call and write for a reason. They ask for details such as phone number, bank card number, etc.

Social engineering is designed for people who are too trusting or inattentive. You should always check all emails and links that you receive over the Internet. In addition, you should never share your personal data with someone. A few simple tips will help keep you safe. Always remember that it can be unsafe on the Internet, and it is better to check all links and pages twice.

Comments are closed.