Social Engineering Attacks
I have read through a lot of resources for the Security+ exam pertaining to Social Engineering attacks. I wanted to ask some of you on this forum what social engineering attack you guys/girls think is the most prevalent?
Cheers
Cheers
...
Comments
Many people still do not know that the sending address of an email can be easily faked and therefor can be victims of these attacks.
On the other hand it's probably popular because it's cheap, easy to do and pretty anonymous.
Regards,
Lordy
Goal for 2014: RHCA
Goal for 2015: CCDP
Here's a thought: social engineering involves impersonation, and could be looked at as the non-technical equivalent of spoofing. In a phishing attack these two usually come together as the sender address is spoofed, in an attempt to social engineer the target (which does involve more than just spoofing the address, the content of the email has to be convincing.
Here's another one: social engineering attacks through email can be divided into two main categories. Personal and public attacks. The first is targetted at a single person/company and the contents is targetted to that entity personally. The second is a phishing attack in which a large public is targetted with the same content. The first is obviously more like a classical Kevin Mitnick social engineering attack in which a telephone call is made to fool a target into disclosing information.
FIM website of the year 2007
http://www.takedown.com/index.html
content with your knowledge. " Elbert Hubbard (1856 - 1915)