Book Image

Learn Social Engineering

Book Image

Learn Social Engineering

Overview of this book

This book will provide you with a holistic understanding of social engineering. It will help you to avoid and combat social engineering attacks by giving you a detailed insight into how a social engineer operates. Learn Social Engineering starts by giving you a grounding in the different types of social engineering attacks,and the damages they cause. It then sets up the lab environment to use different toolS and then perform social engineering steps such as information gathering. The book covers topics from baiting, phishing, and spear phishing, to pretexting and scareware. By the end of the book, you will be in a position to protect yourself and your systems from social engineering threats and attacks. All in all, the book covers social engineering from A to Z , along with excerpts from many world wide known security experts.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Introduction to Social Engineering

Introduction to Social Engineering

Overview of social engineering

Applications of social engineering

The social engineering framework

Social engineering examples from Hollywood

The Psychology of Social Engineering – Mind Tricks Used

The Psychology of Social Engineering – Mind Tricks Used

Modes of thinking

Microexpressions

Human buffer overflow

Influence and Persuasion

Influence and Persuasion

Five fundamental aspects of persuasion

Setting up the environment

Reality alteration (framing)

Information Gathering

Information Gathering

Gathering information about targets

Targeting and Recon

Targeting and Recon

Old organizations

Organizational employees

Elicitation

Getting into conversations with strangers

Avoiding elicitation

Learning the skill of elicitation

Pretexting

Principles and planning of pretexting

Successful pretexting

Legal concerns of pretexting

Tools to enhance pretexts

Social Engineering Tools

Social Engineering Tools

The tools for social engineering

Prevention and Mitigation

Prevention and Mitigation

Learning to identify social engineering attacks

Mitigating social engineering attacks

Case Studies of Social Engineering

Case Studies of Social Engineering

What is social engineering?

Case studies of social engineering

Social engineering case study - Keepnet labs phishing simulation

Ask the Experts – Part 1

Ask the Experts – Part 1

Jonathan C. Trull

Marcus Murray and Hasain Alshakarti

Ask the Experts – Part 2

Ask the Experts – Part 2

Paula Januszkiewicz

Şükrü Durmaz and Raif Sarıca

Ask the Experts – Part 3

Ask the Experts – Part 3

Raymond P.L. Comvalius

Dr. Mitko Bogdansoki

Ozan Ucar and Orhan Sari

Ask the Experts – Part 4

Ask the Experts – Part 4

Oguzhan Filizlibay

Yalkin Demirkaya

Dr. Islam, MD Rafiqul, and Dr. Erdal Ozkaya

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Introduction

Elicitation is one of the low risk and well-concealed social engineering techniques that has impressive results. There are some factors that make elicitation uniquely successful that have, over time, been engrained in humans. These are as follows:

Desire of many people to be polite to strangers
Desire from professionals to appear knowledgeable when questioned
Desire of most people not to lie to people who appear to be genuinely concerned
Willingness of many people to answer well-posed questions about themselves

Let's take a real-life example of how some of these factors play a part in normal conversations and how a social engineer can take advantage of them. Let's say that there is a corporate event where people get to interact with key members of staff in the organization. A social engineer could make his or her way to the Chief Finance Officer (CFO)...