Sunday, August 1, 2010

Social Engineering

For educational purposes only. Crypto shall not be held responsible for any damage caused by using this information.
Let us discuss Social Engineering today.

This topic is rarely discussed because it is a non-technical type of hacking. But believe me, it has great importance.

What is Social Engineering ?
Social engineering refers to the method of influencing and persuading people to reveal sensitive information in order to perform some malicious action. It is used to gather confidential information, authorization details, and access details by deceiving people and manipulating them. The attacker intentionally asks the victim questions chosen so that his/her confidential information can be guessed from the answers. Social engineering can be seen in movies like 007, Italian Job, Catch Me If You Can, Bourne Identity & other series, Eagle Eye, Hackers, Hackers 3 Antitrust, etc.

One of the greatest advantages of social engineering compared to other attacks is that there is no software or hardware to halt it. It can only be halted by the understanding and IQ of the victim.

Types of Social Engineering :
Social Engineering can be broadly divided into two types:
1. Human-based
2. Computer-based.

Human Based Social Engineering :

Human-based social engineering involves human interaction in one manner or another. It means that the attacker has to perform some activities manually or physically.

Human-based social engineering is performed in the following ways:

1. In Person :
Attackers might try to visit a target site and physically survey the organization for information. A great deal of information can be gleaned from the tops of desks, the trash, or even phone directories and nameplates. Attackers may disguise themselves as a courier or delivery person, a janitor, or they may hang out as a visitor in the lobby. They can pose as a businessperson, client, or technician. Once inside, they can look for passwords on terminals, important papers lying on desks, or they may even try to overhear confidential conversations. Thus the attacker is like a rogue in this attack.
For example: an attacker can enter an organization by pretending to be an air conditioner mechanic, as A/C units are installed in most organizations. Now he can freely survey the organization's structure, and if he gets a chance he can even install a keylogger or trojan on one of the machines. Another example is the attacker posing as a company employee and calling the company's technical support to elicit information.

2. Third-party Authorization :
Another popular technique for attackers is to represent themselves as agents authorized by some authority figure to obtain information on their behalf. For instance, knowing who is responsible for granting access to the desired information, an attacker might keep tabs on him/her and use the individual’s absence to leverage access to the needed data. For example:
Let Mr. pr3dat0r be the Networking and Security Admin of Zenia Company. He will only have permission to gain access to information related to the company's network. Let Miss Xena be pr3dat0r's junior network admin; all information about the network is given by her to pr3dat0r.
Now consider an attacker, Crypto, who wants to gain access to the network information of Zenia Company. What he will do is this: Crypto will keep recording the daily routine of Mr. pr3dat0r and try to learn how he works and how he gets information about the company's network. Once Crypto knows pr3dat0r's whole working schedule, whenever Mr. pr3dat0r is not present in the office, Crypto will go to Xena and say politely, "Hi, I am Mr. Crypto from your ISP. I have an appointment with Mr. pr3dat0r and he asked me to collect the Network Log from you." When Xena learns that Crypto was referred by pr3dat0r, she will soon hand the network log to him. It is usually seen that junior employees don't ask many questions of people who are referred by their senior employees.
Then, once Crypto gets the log, he flees.

3. Tailgating :
Usually this attack works in big organizations with an enormous number of employees. An attacker, wearing a fake ID badge, enters a secured company area by closely following an authorized person through a door requiring key access. The authorized person may not be aware of having provided an attacker access to a secured area. The attacker usually says the following words to an authorized person who has an ID:
“I forgot my ID badge at home. Please help me...”
The authorized person provides access to the attacker by keeping the secured door open.
Thus, by following the authorized person closely, the attacker enters the secured areas of the company. Because the attacker follows the authorized person closely, it is called tailgating.

4. Shoulder Surfing :
This attack is very common among students in schools & colleges. It is also very common in cyber cafes.
In this attack the attacker silently stands behind the victim at some distance and carefully watches the keystrokes that the victim hits when entering a password or any other such sensitive information while surfing. For example: Here is how I one day used this attack to get the password of the Admin account of a machine in my internet lab at college; usually students are provided a limited account at labs. So, I went to the lab assistant and said to him, "Sir, I want to install Turbo C++ on a machine in this lab so I could practice here, because I don't have a laptop or PC." So, he came along with me and was going to log in to the Admin account of that machine. I stood a little away and watched the keystrokes. However, I was not able to see all the keystrokes. But soon after he went, I easily guessed the password by knowing the keystrokes that I had seen. Then I owned that machine. However, shoulder surfing is a risky attack, because you can be caught red-handed. But I find fun in risks. ;-)
The other great example is that some boys keep standing near the STD or phone recharge shops, & when some sexy girl comes there to get her cell recharged, those guys overhear her contact number when she is telling it to the shopkeeper. ;-)
Another place where this attack takes place in large numbers is the ATM. When someone is withdrawing cash from an ATM, the attacker usually sees the code entered by the person, and if that person throws away the slip that the ATM prints out after any transaction, the attacker picks up & reads that slip to know how much money that person got. After that it is up to the attacker how to obtain that ATM card. You should better know how to get the ATM card from the owner, because I can't teach you martial arts in this topic. ;-)

5. Dumpster diving :
In this attack the attacker basically searches the garbage of a company to gain information. The attacker will search the printer trash bins and dust bins filled with papers that contain information about the company. Usually this type of attack provides the following information:
Employee name, employee ID, phone numbers, email ID, fax, financial information.
This is the reason why many banks usually burn the dumps before they throw them away.
For example: if you get some employee's contact number by dumpster diving, you can call him/her in the middle of the night and ask him/her to work for you by tempting him/her with money. Usually a disgruntled employee will agree soon.


Computer Based Social Engineering

Computer-based social engineering is implemented using software or programs such as e-mail, viruses, trojans, chat, etc. The following are the ways to perform computer-based social engineering:

1. Pop-up Windows :
In this type of social engineering, a window appears on the screen informing the user that he/she has lost his/her network connection and needs to reenter his/her username and password. A program that the intruder had previously installed will then email the information to a remote site. This type of attack is mainly done using viruses and trojans. Spyware can also perform this type of attack. The spyware will pretend to be an antivirus and will pop up a message telling the user that his/her machine contains a virus & that, in order to remove it, it needs a username & password, etc. When the user enters that information it will give a fake reply like "virus removed", and in the background it will send the information to the attacker.

2. Spam & e-Mail Attachments :
In this attack the attacker sends an email to the victim in order to get information. For example: the mail will declare that you have won a lottery of $20,000 and then ask you to go to some link, where it will ask you for confidential information like bank account details so that delivery can be made. The attacker can also send an attachment along with the email, & that attachment can be a virus or trojan. For example: the “Anna Kournikova” worm. Social engineers try to hide the file extension by giving the attachment a long file name. In this case, the attachment is named AnnaKournikova.jpg.vbs. If the name is truncated, it will look like a jpeg file and the user may not notice the .vbs extension.
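A mail filter can catch the double-extension trick described above by looking at the last extension of each attachment name instead of the part the user sees. The sketch below is an added example, not part of the original post; the extension lists, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows runs directly or via a script host (illustrative, not exhaustive).
EXECUTABLE = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".hta", ".exe", ".scr",
              ".bat", ".cmd", ".com", ".pif", ".lnk"}
# Extensions users read as harmless pictures or documents.
DECOY = {".jpg", ".jpeg", ".png", ".gif", ".txt", ".pdf", ".doc", ".mp3"}

def classify_filename(name):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    # Keep only the base name, drop trailing dots/spaces, ignore case.
    base = name.replace("\\", "/").split("/")[-1].rstrip(". ").lower()
    # Every dot-separated token after the first counts as an extension;
    # padding spaces used to push the real extension out of view are stripped.
    exts = ["." + tok.strip() for tok in base.split(".")[1:]]
    if not exts or exts[-1] not in EXECUTABLE:
        return "ok"
    if any(e in DECOY for e in exts[:-1]):
        return "double-extension"
    return "executable"

def scan_message(raw):
    """List (filename, verdict) for every attachment that is not 'ok'."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        verdict = classify_filename(name)
        if verdict != "ok":
            findings.append((name, verdict))
    return findings

def build_sample():
    """Constructed test message; attachment bodies are inert placeholder bytes."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "sender@example.com", "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("see attachment")
    for fname in ("AnnaKournikova.jpg.vbs", "holiday.jpg", "setup.exe"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=fname)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in scan_message(build_sample()):
        print(f"{verdict:17} {name}")
```

On the endpoint side, showing file extensions in the file manager removes the truncation that the trick relies on.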

3. Chatting/Instant Messaging :
Nowadays it is quite a popular medium of communication. People of almost all ages chat online. It is especially popular among teenagers. Performing social engineering via chatting is quite easy.
The attacker just needs to chat with someone and then try to elicit the information. Chatting is an informal way of communication, which means the attacker is not directly communicating with the person. Because of this, the attacker can even lie to the other person about his/her identity, etc., because the victim can't see the attacker (without a webcam).
For instance:
Usually what the attacker does is chat with boys while behaving as a girl, & vice versa. By using a fascinating picture during chatting, the attacker can lure anyone. The display picture usually works like bait. Then slowly the attacker will ask certain questions by which he/she can elicit information about the victim. And believe me, this method is very dangerous, because you would not even know when you became a victim of a social engineer.
Me and my friends tried this social engineering many times.
I tried this technique many times, & you may not believe me that I easily got the password of an e-mail ID by simply asking the victim "What is your password?"
But for this you first need to create deep trust with the victim, then make your final attack on the victim.
Mainly it depends upon how clever & smart you are and how good you are at communication & at manipulating the answers.

4. Malicious Websites :
This involves a trick to get an unwitting user to disclose potentially sensitive data, such as the password used at work. Some methods include using advertisements that promote and display messages offering free gifts and holiday trips, and then asking for a respondent’s contact email address, as well as asking the person to create a password. This password may be one that is similar, if not the same, as the one that the target user utilizes at work. Many employees enter the same password that they use at work, so the social engineer now has a valid username and password to enter into an organization’s network. Nowadays I have seen many websites ask you to use your e-mail ID as the username while registering a new account. Then they ask you to create a new password.
Some people get fooled and enter the same password that they are using with that email account..!!
Beware of this.

5. Insider Attack :
60% of attacks in organizations are done by insiders. In this attack the attacker uses some other person to implement the attack. For example:
A competitor can inflict damages to an organization by stealing sensitive data, and may eventually bring down an organization by gaining access to a company through a job opening by sending a malicious person as a candidate to be interviewed, and—with luck—hired.
Other attacks may come from unhappy employees or contract workers. It takes just one
disgruntled person to take revenge on a company by compromising its computer system.


How to defend against social engineering ?

As I told you before, there is no software or hardware to halt social engineering.
The only way to avoid it is by using your own brain. Try to think twice before you give any answer or information to any person, because the word lie sits exactly in the middle of the word believe..!!


Many people ask, "How can I hack an e-mail ID?"

Every time my answer is the same:
1. Using a keylogger (I already discussed it in another topic)
2. Using fake pages/phishing
3. Social engineering


Once again remember Hacking is a crime...!!!
