SocialEngineering attack is art of manipulation by attacker to get confidentialinformation from victim such as bank information, computer access password etc.Todo Social Engineering attack attacker need to take more than one step. Firstthey investigate the background of victim. They search for weak security pointto attack victim and after getting week security point attacker attack on thatget sensitive information from victim.Theattacker use different form of attack to get information from victim.
1. Theattacker use baiting attacks in which they lure to victim to steal personalinformation by using malware. For example attacker provides free software inonline to lure the victim, If victim get lure for this free software andproduct and to get free software and product victim fill the personal informationand that information go to attackers.
2. Theattacker use Scare ware technique. In scare ware technique when victim open thesome website it popup the message that your computer is infected with malware andcall to this number to get solve this problem. When victim call to this numberattacker claims that your computer has been infected and you need to buyuseless service from them.3. Theattacker use pretexting technique, in pretexting technique the attacker ask thequestion from victim by impersonating those police, tax official, and bank andgather the personal information from victim.4.
Theattacker use phishing scam in which attacker send email and text to victim. Whenvictim click on link it will go to malicious website which is illegitimatewebsite whose appearance is similar to legitimate version. So user doesn’tsuspect and enter their login id and password and send the information toattacker. Wecan use some step to prevent from social engineering attack1. Usershould not open email and attachment from unknown person.
Even they will getemail from known person they should cross check before open the email. Because emailaddress can spoof. even email will come from trusted source it can be initiateby attacker.2.
Usershould use multifactor authentication. The multifactor authentication can helpsto create another security layer for attacker. The Login protects 2FA solution increasethe security of the system and password vary with in one minute.
So it is noteasy for attacker to get password.3. Usershould not fall on trap of free product in advertisement. First they Google thetopic of free product which shown in advertisement and determine that do you needto accept this offer or not?4. Usershould keep antivirus/ antimalware updated.
So antivirus scans all system periodically anddetermines the virus and infection in your system.