Communiquez avec les autres et partagez vos connaissances professionnelles

Inscrivez-vous ou connectez-vous pour rejoindre votre communauté professionnelle.

Suivre

From information security domain, What is the 'Social engineering'?

user-image
Question ajoutée par wesam azmy , Program Manager , Jamalon
Date de publication: 2014/12/31
Jayakrishnan C P
par Jayakrishnan C P , Security Service Manager , Metmox Inc

A non-technical method of intrusion which hackers use that relies heavily on human interaction (mainly email / websites or Direct Phone calls) and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter.

Sameer Paradia
par Sameer Paradia , Associate Partner , IBM

The threat of technology-based security attacks is well understood, and IT organizations have tools and processes

in place to manage this risk to sensitive corporate data. However, social engineering attacks are more challenging to

manage since they depend on human behavior and involve taking advantage of vulnerable employees. Businesses

today must utilize a combination of technology solutions and user awareness to help protect corporate information. 

Financial gains are the primary motivation of social engineering. Social engineering attacks are costly especially in large organizations.  New employees are most susceptible to social engineering technique.

Hope this helps.

Syed Muhammad Ahmed
par Syed Muhammad Ahmed , Information Security Professional - Penetration Tester , SecureBeans

Basically Social Engineering is from one of the phases of Hacking /Ethical Hacking (Penetration Testing) In which the Penetration tester or Hacker used to grab attention of the endusers through various methods like phishing, fake user registration forms and much more the ultimate objective is to gain the valuable information from the enduser easily for instance A hacker used to clone a website of facebook and then send it to the enduser with some redirections of submit button although it comes with another name but its usually been observed and tested that we don't look and examine the url address of the website once we click to open any hyperlink then the enduser put their username and password on and click on submit button once it clicked then webpage send the information to the hackers defined point which could be an email address or the datebase or in any source and as a result the persons identification and other valuable information is being compromised.

In simplest form the social engineering is a method to manipulate the enduser and to test the behavior of the enduser to extract valuable information.

imran Noor -
par imran Noor - , Audit Officer , Auditor General of Pakistan

An intrusion method  in which the hacker steals the valuable data by exploiting vulnerabilities of human behavior.

More Questions Like This