Tuesday, October 03, 2006

What Is "Social Engineering"?

Surprisingly, social engineering is defined as a form of hacking: someone enters another person’s computer or network without permission. However, social engineering differs a little from hacking in general. Usually, hackers get into other people’s computers by using information and communications technology, but “social” engineering is done in the real world by “social” means such as the art of conversation, eavesdropping, or peeking; in a sense, then, hackers can get the information without computers. To obtain secret information that is personal and important for maintaining security, such as passwords, hackers catch the managers or users of a network off their mental guard.

There are three examples of how they get the information: telephones, peeking, and trash bins. The first is using a telephone, one of the most representative and oldest methods. First, hackers obtain another person’s user ID; then they pretend to be that person and call the manager to get the password. Sometimes they even pretend to be the manager and take the information from users directly. Another example is peeking, which is called “shoulder hacking” because they get the information by looking over someone’s shoulder. In addition, picking information out of the trash is often used as the first step of a hack. In this case, hackers take advantage of people’s habits: people usually throw away material containing information about settings such as servers and routers, the structure of the network, IP addresses, passwords, and so on. Hackers then take it and use it.

In short, social engineering means cheating people out of important information without harming computers.
