Book Image

Learn Social Engineering

Book Image

Learn Social Engineering

Overview of this book

This book will provide you with a holistic understanding of social engineering. It will help you to avoid and combat social engineering attacks by giving you a detailed insight into how a social engineer operates. Learn Social Engineering starts by giving you a grounding in the different types of social engineering attacks,and the damages they cause. It then sets up the lab environment to use different toolS and then perform social engineering steps such as information gathering. The book covers topics from baiting, phishing, and spear phishing, to pretexting and scareware. By the end of the book, you will be in a position to protect yourself and your systems from social engineering threats and attacks. All in all, the book covers social engineering from A to Z , along with excerpts from many world wide known security experts.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Introduction to Social Engineering

Introduction to Social Engineering

Overview of social engineering

Applications of social engineering

The social engineering framework

Social engineering examples from Hollywood

The Psychology of Social Engineering – Mind Tricks Used

The Psychology of Social Engineering – Mind Tricks Used

Modes of thinking

Microexpressions

Human buffer overflow

Influence and Persuasion

Influence and Persuasion

Five fundamental aspects of persuasion

Setting up the environment

Reality alteration (framing)

Information Gathering

Information Gathering

Gathering information about targets

Targeting and Recon

Targeting and Recon

Old organizations

Organizational employees

Elicitation

Getting into conversations with strangers

Avoiding elicitation

Learning the skill of elicitation

Pretexting

Principles and planning of pretexting

Successful pretexting

Legal concerns of pretexting

Tools to enhance pretexts

Social Engineering Tools

Social Engineering Tools

The tools for social engineering

Prevention and Mitigation

Prevention and Mitigation

Learning to identify social engineering attacks

Mitigating social engineering attacks

Case Studies of Social Engineering

Case Studies of Social Engineering

What is social engineering?

Case studies of social engineering

Social engineering case study - Keepnet labs phishing simulation

Ask the Experts – Part 1

Ask the Experts – Part 1

Jonathan C. Trull

Marcus Murray and Hasain Alshakarti

Ask the Experts – Part 2

Ask the Experts – Part 2

Paula Januszkiewicz

Şükrü Durmaz and Raif Sarıca

Ask the Experts – Part 3

Ask the Experts – Part 3

Raymond P.L. Comvalius

Dr. Mitko Bogdansoki

Ozan Ucar and Orhan Sari

Ask the Experts – Part 4

Ask the Experts – Part 4

Oguzhan Filizlibay

Yalkin Demirkaya

Dr. Islam, MD Rafiqul, and Dr. Erdal Ozkaya

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Elicitation

Perhaps the most important skill in the whole social engineering attack is that of drawing targets out to a point where they are open for exploitation. Elicitation is a powerful technique employed in key stages of the social engineering attack to make targets take on a path of behavior that the social engineer wants. An interesting definition of elicitation by the US National Security Agency (NSA) is that it is the subtle extraction of information during a normal conversation. Elicitation is one of the skills extensively taught to spies to ensure that they can munch out information from people without making it seem like they are actually being spied on. Conversations can take place just about anywhere and social engineers like to approach targets in locations that they (targets) are familiar with and thus feel comfortable with already when talking to new people. Humans...