Do you know what social engineering is? The first time I heard about social engineering, I was like, "What the heck is this?" But when I dug deep into it, it was pretty simple. Many people would argue that social engineering is one of the simplest and most effective means of gathering information about a target. Social engineering is the process of exploiting the “human” weakness that is inherent in every organization. When utilizing social engineering, the attacker’s goal is to get an employee to divulge some information that should be kept confidential.
Let us assume you are conducting a penetration test on an organization. During your early reconnaissance, you discover an e-mail address for one of the company’s salespeople. You understand that salespeople are highly likely to return product inquiry e-mails. As a result, you send an e-mail from an anonymous address feigning interest in a particular product. In reality, you do not care about the product. The real purpose of sending the e-mail is to get a reply from the salesperson so you can review the e-mail headers contained in the response. This process will allow you to gather additional information about the company’s internal e-mail servers.
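To see what such a reply gives away, a mail administrator can run the same review against the organization's own outbound mail. The following is an added example, not part of the original post: it audits a constructed reply for internal hostnames, RFC 1918 addresses and client software in the headers. The sample message, the `audit_headers` name and the list of internal suffixes are assumptions made for illustration.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample reply; every hostname and address here is invented.
SAMPLE_REPLY = """\
Received: from mail-gw.example.com (mail-gw.example.com [203.0.113.25])
\tby mx.recipient.example (Postfix) with ESMTPS
\tfor <buyer@recipient.example>; Mon, 03 Mar 2025 10:15:02 +0000
Received: from EXCH01.corp.example.local (10.20.30.41)
\tby mail-gw.example.com (192.168.5.10) with Microsoft SMTP Server;
\tMon, 03 Mar 2025 10:15:01 +0000
From: Sales <sales@example.com>
To: buyer@recipient.example
Subject: RE: Product inquiry
X-Originating-IP: [10.20.31.77]
X-Mailer: Microsoft Outlook 16.0

Thanks for your interest.
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
INTERNAL_SUFFIXES = (".local", ".lan", ".internal", ".corp")  # assumed naming conventions
IP_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
HOST_RE = re.compile(r"\b(?:[A-Za-z0-9-]+\.)+[A-Za-z]{2,}\b")

def audit_headers(raw_message):
    """Return (header, kind, value) tuples for internal details a reply exposes."""
    findings = []
    for name, value in message_from_string(raw_message).items():
        key = name.lower()
        if key in ("x-mailer", "user-agent"):
            findings.append((name, "client-software", value.strip()))
        elif key in ("received", "x-originating-ip"):
            for ip in IP_RE.findall(value):
                try:
                    addr = ipaddress.ip_address(ip)
                except ValueError:  # e.g. 999.1.1.1 matched by the loose regex
                    continue
                if any(addr in net for net in RFC1918):
                    findings.append((name, "private-ip", ip))
            for host in HOST_RE.findall(value):
                if host.lower().endswith(INTERNAL_SUFFIXES):
                    findings.append((name, "internal-hostname", host))
    return findings

if __name__ == "__main__":
    for finding in audit_headers(SAMPLE_REPLY):
        print(finding)
```

Findings like these are the case for stripping or rewriting internal `Received` and client headers at the outbound mail gateway.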
Let us take our social engineering example one step further. Suppose our salesman’s name is Mark Twain, information we found during our reconnaissance of the company website and in the signature of his e-mail response. Let us assume that in this example, when you sent the employee the product inquiry e-mail, you received an automatic reply with the notification that Mark Twain was “currently out of the office travelling overseas” and “would be gone for two weeks with only limited e-mail access.”
A classic example of social engineering would be to impersonate Mark Twain and call the target company’s tech support number asking for help resetting your password because you are overseas and cannot access your webmail. If you are lucky, the tech support people will believe your story and reset the password. Assuming they use the same password, you now have access to Mark Twain’s e-mail and other network resources like VPN for remote access, or FTP for uploading sales figures and customer orders.
Social engineering, like reconnaissance in general, takes both time and practice. Not everyone makes a good social engineer; I don’t even consider myself to be a social engineer. In order to be successful, you must be supremely confident, knowledgeable of the situation, and flexible enough to go “off script.” If you are conducting social engineering over the phone, it can be extremely helpful to have detailed and well-written notes in case you are asked about some obscure detail.
Another example of social engineering is to leave USB thumb drives or CDs at the target organization. The thumb drives should be distributed to several locations in or near the organization. The parking lot, the lobby, the bathroom, and an employee’s desk are all great “drop” locations. It is human nature for most people to insert the thumb drive or CD into their PC just to see what is on the drive. In this example though, the thumb drive or CD is preloaded with a self-executing backdoor program that automatically launches when the drive is inserted into the computer. The backdoor is capable of bypassing the company firewall and will dial home to the attacker’s computer, leaving the target exposed and giving the attacker a clear channel into the organization. So, as you can see from this passage, it’s a very mean process, but you know, that’s what hackers do: we destroy stuff. Well, the black hats from the wild west, to be more specific; those are the hackers that destroy stuff.