This time we like to talk about "Social Engineering" because few of us know what it is but many come into contact with it on a daily basis. Within the IT world, there is a triangular relationship: hardware, software, and the indispensable “humanware” (no official term here). In the IT world, humans are still considered to be the weakest link, which has automatically made them the best “target” of the cybercriminal. And all those techniques that are used by them to hack computer systems via those users are placed under a new collective name, namely “Social Engineering”.
Within Social Engineering, three types of techniques are distinguished: personal, telephone, and digital. For now, we list the digital techniques.
Social Engineering Digital Techniques
Pretexting: When someone sends an email with a domain name that seems familiar and comes from a person within that domain. Oftentimes, this message contains an attachment containing malware.
Phishing: When someone publishes an impersonation of a well-known website or services, to gain your trust. These websites often request personal information via forms and offer downloads that contain malware.
Social Media Phishing: When someone impersonates a social media website to gain your trust. These websites will make available relevant content that you would click on and download malware files.
Reverse Engineering: When someone attacks your business environment to expose sensitive issues and/or holes in network security. After this, contact is made with the company to supposedly resolve this.
Typosquatting: When someone mimics well-known typos from fire URLs, to gain your trust. The counterfeit website can easily collect personal information from the visitor if the typo is not recognized.
Friendly E-mails: When someone sends you e-mail messages from a hacked account of an acquaintance or creates a fake account with the name of your friend or acquaintance. Often enough an attachment has been added in which malware is hidden.
Knowing that there is danger is far from enough. It is in your own interest that you also pay close attention and thus prevent yourself from becoming a victim of cybercrime.