Time remaining:
Lab 6: Using Social Engineering Techniques to Plan an Attack

Computer Science
Tutor: None Selected Time limit: 1 Day

cis 534 

Lab 6: Using Social Engineering Techniques to Plan an Attack

Dec 20th, 2014

 Four ways social engineers compromise a person's security defenses and gain easy access to sensitive information are.

1. Alternative communication channels

Scam artists make use of alternative channels of communication because they catch people off guard, said Zeltser.

"Attackers find their victims are more susceptible to influence when the attacker engages them using a different medium than the victim is use to," he said.

He pointed to the example of a scam that used windshield flyers. The flyers alerted drivers that their car was "in violation of standard parking regulations" and asked them to log onto a site where they could get more information.


2. Personally-relevant messaging

People don't want to just get e-mail, they want me-mail, according to Zeltser. A message that is more personally interesting is going to get more attention, and criminals know that.

He referred to one worm variant that spread by spamming victims with messages that claimed to contain breaking news that just occurred in their local town.

3. Social compliance

It is human nature to want to do what others are doing, noted Zeltser. And our tendency to follow the crowd can also make us social engineering victims. Criminals know you will be more inclined to trust something that is popular, or recommended by trusted sources.

4. Reliance on security mechanisms

Because we are so used to certain security mechanisms, and often take them for granted, they are no longer protecting us, according to Zeltser.

Zeltser retold the tale of a scam that featured a social engineer dressed as a police officer who comes into a store.



Dec 21st, 2014

Are you studying on the go? Check out our FREE app and post questions on the fly!
Download on the
App Store
...
Dec 20th, 2014
...
Dec 20th, 2014
Dec 11th, 2016
check_circle
Mark as Final Answer
check_circle
Unmark as Final Answer
check_circle
Final Answer

Secure Information

Content will be erased after question is completed.

check_circle
Final Answer