Book Image

Learn Social Engineering

Book Image

Learn Social Engineering

Overview of this book

This book will provide you with a holistic understanding of social engineering. It will help you to avoid and combat social engineering attacks by giving you a detailed insight into how a social engineer operates. Learn Social Engineering starts by giving you a grounding in the different types of social engineering attacks,and the damages they cause. It then sets up the lab environment to use different toolS and then perform social engineering steps such as information gathering. The book covers topics from baiting, phishing, and spear phishing, to pretexting and scareware. By the end of the book, you will be in a position to protect yourself and your systems from social engineering threats and attacks. All in all, the book covers social engineering from A to Z , along with excerpts from many world wide known security experts.

Related Content you might be interested in

Current Title:

Small book image
Learn Social Engineering
Apr, 2018 | 566 pages
Small book image
The Art of Social Engineering
Desilda Toska | Cesar Bravo
Oct, 2023 | 234 pages
Small book image
Hands-On Cybersecurity for Finance
Erdal Ozkaya | Milad Aslaner
Jan, 2019 | 308 pages
Small book image
Cybersecurity: The Beginner's Guide
Erdal Ozkaya
May, 2019 | 396 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Disclaimer
Free Chapter
1
Introduction to Social Engineering
Introduction to Social Engineering
Overview of social engineering
Applications of social engineering
The social engineering framework
Social engineering examples from Hollywood
Tips
Summary
2
The Psychology of Social Engineering – Mind Tricks Used
The Psychology of Social Engineering – Mind Tricks Used
Introduction
Modes of thinking
Microexpressions
NLP
Human buffer overflow
Tips
Summary
3
Influence and Persuasion
Influence and Persuasion
Introduction
Five fundamental aspects of persuasion
Setting up the environment
Reality alteration (framing)
Manipulation
Summary
4
Information Gathering
Information Gathering
Introduction
Gathering information about targets
Tips
Summary
5
Targeting and Recon
Targeting and Recon
Introduction
Banks
Old organizations
Organizational employees
Elderly people
Well-wishers
Tips
Summary
6
Elicitation
Elicitation
Introduction
Getting into conversations with strangers
Preloading
Avoiding elicitation
Learning the skill of elicitation
Tips
Summary
7
Pretexting
Pretexting
Introduction
Principles and planning of pretexting
Google hacking
Successful pretexting
Legal concerns of pretexting
Tools to enhance pretexts
Tips
Summary
8
Social Engineering Tools
Social Engineering Tools
The tools for social engineering
Tips
Summary
9
Prevention and Mitigation
Prevention and Mitigation
Learning to identify social engineering attacks
Mitigating social engineering attacks
Summary
10
Case Studies of Social Engineering
Case Studies of Social Engineering
What is social engineering?
Case studies of social engineering
Social engineering case study - Keepnet labs phishing simulation
Tips
Summary
11
Ask the Experts – Part 1
Ask the Experts – Part 1
Troy Hunt
Jonathan C. Trull
Marcus Murray and Hasain Alshakarti
Emre Tinaztepe
Milad Aslaner
12
Ask the Experts – Part 2
Ask the Experts – Part 2
Paula Januszkiewicz
Şükrü Durmaz and Raif Sarıca
Andy Malone
Chris Jackson
Daniel Weis
13
Ask the Experts – Part 3
Ask the Experts – Part 3
Raymond P.L. Comvalius
George Dobrea
Dr. Mitko Bogdansoki
Ozan Ucar and Orhan Sari
Sami Lahio
14
Ask the Experts – Part 4
Ask the Experts – Part 4
Oguzhan Filizlibay
Yalkin Demirkaya
Leyla Aliyeva
Aryeh Goretsky
Dr. Islam, MD Rafiqul, and Dr. Erdal Ozkaya
15
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Applications of social engineering

Social engineering is actually used in many setups and professions by people and institutions, discussed here as follows:

  • Lawyers and psychologists: These groups of people have to get people into a certain state of mind to manipulate their minds. They use the same tactics as any other social engineer would use. It is just that they use them with non-malicious intentions. Through these tactics, they are able to conduct successful interrogations and interviews and get people to reveal information that they would otherwise withhold.
  • Governments: Governments have to use social engineering to have control over the people that they govern. One of the key ways of social engineering people is by using authority. Governments are in control of most of the authority in the country and human brains are conditioned to adhere to authority. Another way is by using scarcity. If it is not there, governments will create scarcity so that they can retain the perception in people's minds that they (governments) are the ones still in charge. Scarcity can be of many things, such as information, money, or even food. In countries such as North Korea, food and information scarcity is abused by the regime in power to keep people obedient.
  • Salespeople: They have mastered the art of convincing people to buy things including those that they have no need for. Salespeople are good social engineers since they are good at using multiple people skills to elicit demand for their products from potential customers. Today, salespeople are leveraging technology to assist them with information gathering and influencing people to buy certain products. Social engineering is playing a key role in all this.
  • Recruiters: The human resource (HR) departments in most organizations are occupied by expert social engineers. Recruiters have mastered the art of reading people's minds to find out what really drives them and their suitability for advertised positions. Social engineering is used to get applicants to open up and divulge information that could help HR determine whether or not to hire them.
  • Spies: Spies are extensively taught special social engineering techniques that they employ to fool people into believing that they are the people they have been posted as. They are also taught how to use social engineering tactics to collect intelligence from unsuspecting people. Spies can easily get confessions from hardcore criminals due to social engineering. Even when compromised, they can recover their secret identities using social engineering. Social engineering means survival for them and they are therefore extremely good at it.
  • Scammers: Scams are mostly made possible by social engineering. A con artist must know how to attract people into buying a con without question. Con artists identify their marks from afar and study them over time. They pick up critical cues about their marks until they have enough information to hit them. Scammers have perfected the art of creating certain scenarios that are irresistible to their marks. It is through social engineering that all this is made possible.
  • Identity thieves: Identity theft is a crime bigger than just stealing someone's name, bank account, address, and financial details. An identity thief at times has to become the person that he or she has stolen an identity from in order to commit a bigger crime that has higher returns. This is where social engineering comes into play. An identity thief will use different tactics to get along with people in the life of the victim. An identity thief will exploit the status of the victim's profile to get favors done for him. If the identity that has been stolen is of a senior staff member at an organization, the identity thief could use authority to coerce finance employees to make some unverified payments. Identity theft is highly supported by social engineering.

All these people use social engineering in both positive and negative ways. However, the focus of this book is social engineering for malicious purposes. It is a major concern for many people, organizations, and governments. It has made many lose faith in the protection of their systems.

Previous Section
End of Section 3
Next Section