CEH v10: 09_Social_Engineering
Social engineering is an act of stealing information from humans.
- No interaction with target system or network
- Non-technical attack
- Convincing the target to reveal information
One of the major vulnerability which leads to this type of attack is “Trust”. User trust in another user and does not secure their credentials from them.
Employees are uneducated at organizations, so this is a major vulnerability.
Lack of security policies and privacy are also vulnerable.
Steps of Social Engineering
- Collection of information from the target organization
- Collected by dumpster diving, scanning, search on the internet, …
- Select the target among other employees
- A frustrated target is more preferred
- Create relationship with the target
- Earn the trust
- Collecting sensitive information such as usernames, password, etc…
Social Engineering Techniques
##Types of Social Engineering
Human-based Social Engineering
One-to-one interaction with the target. Earn the trust to gather sensitive information from the target.
Pretend to be something or someone, pretending to be a legitimate user or authorized person. Impersonation is performed by identity theft.
Eavesdropping and Shoulder Surfing
Eavesdropping is a technique in which attacker is revealed information by listening to the conversation. Reading or accessing any source of information without being notified.
Shoulder Surfing is a method of gathering information by standing behind the target.
Looking for treasure in trash.
Reverse Social Engineering
The attacker convinces the target of having a problem or might have in the future to get sensitive information.
Piggybacking and Tailgating
Piggybank is a technique in which attacker waits for an authorized person to gain entry in a restricted area. Tailgating is a technique in which attacker gains access to the restricted area by following the authorized person.
Computer-based Social Engineering
Attacker send fake emails which looks like legitimate email. When recipient opens the link, he is enticed for providing information.
Similar as phishing but it is focused on one target. Because of this, it is generate higher response rate.
Mobile-based Social Engineering
Publishing Malicious Apps
These applications are normally a replica or similar copy of a popular application.
Repackaging Legitimate Apps
Repack a legitimate app with a malware.
Fake Security Apps
Attacker develop a fake security app.
Social Engineering is not all about a third person gathering information, it may be an insider with privileges.
Impersonation on Social Network Sites
Social Engineering Through Impersonation on Social Network Sites
Attacker gathers personal information of a target from different sources mostly from social network sites such as full name, date of birth, email address, residential address, etc. After gathering the information, the attacker create an account that is exactly the same. Then introduced to friends, group joined by the target to get updates or convince the target’s friends to reveal information.
Risks of Social Network in a Corporate Networks
Social network sites is not secured enough as a corporate network secures the authentication. The major risk of social network is its vulnerability in the authentication. The employee while communicating on social network may not take care of sensitive information.
- Stealing the identification information of someone
- Popularly used for frauds
- Prove the fake identity to take advantage of it
- Gathering information: full name, address, contacts, accounts, birth information, bill from social networks, dumpster diving, etc…
- Fake identity proof: get fake IDs (driving licence, ID card, etc…)
- Fraud: spend money, unauthorized access, use ID for frauds, etc…
- Security of sensitive information
- Physical security
- Rotational duties
- Controlled access
- Least privileges
- Strong policies
- Bio-metric authentication
- social engineering toolkit (linux)