Reverse Social Engineering
Users ask attacker for help and information (Thinking the Attacker is a person in a position to help)
An example could be that the attacker takes information down from the user while appearing to fix the problem for the user
Social Engineering is where the attacker is acting like the user and pretending that they lost their password ect...
So the difference would be that in one role (the Reverse) The attacker would act like the help support or technician while in the other role the attacker would act as the user who needs help.
That is my basic understanding of the 2... Hope that is helpful
True, reverse social engineering is a form of social engineering. But that doesn't mean they are logically the same. Simply put, all reverse social engineering is social engineering, but all social engineering is not reverse social engineering.
According to Methods of Hacking: Social Engineering, a paper by Rick Nelson, the three parts of reverse social engineering attacks are sabotage, advertising, and assisting. The hacker sabotages a network, causing a problem arise. That hacker then advertises that he is the appropriate contact to fix the problem, and then, when he comes to fix the network problem, he requests certain bits of information from the employees and gets what he really came for. They never know it was a hacker, because their network problem goes away and everyone is happy.
Reverse SE is putting yourself in a position where the victim thinks you are helping him/her and willingly provides you with everything. SE is pretty much blatantly asking for passwords, usernames, etc
Comments
Users ask attacker for help and information (Thinking the Attacker is a person in a position to help)
An example could be that the attacker takes information down from the user while appearing to fix the problem for the user
Social Engineering is where the attacker is acting like the user and pretending that they lost their password ect...
So the difference would be that in one role (the Reverse) The attacker would act like the help support or technician while in the other role the attacker would act as the user who needs help.
That is my basic understanding of the 2... Hope that is helpful
I recommend, if you are interested the book from Kevin Mitnik. Its really interesting!!
I couldn't agree more...
The Fiber Optic Association www.thefoa.org
Home Acoustics Alliance® http://www.homeacoustics.net/
Imaging Science Foundation http://www.imagingscience.com/
Believe me, its a lot of fun too...