Book Image

Learn Social Engineering

Book Image

Learn Social Engineering

Overview of this book

This book will provide you with a holistic understanding of social engineering. It will help you to avoid and combat social engineering attacks by giving you a detailed insight into how a social engineer operates. Learn Social Engineering starts by giving you a grounding in the different types of social engineering attacks,and the damages they cause. It then sets up the lab environment to use different toolS and then perform social engineering steps such as information gathering. The book covers topics from baiting, phishing, and spear phishing, to pretexting and scareware. By the end of the book, you will be in a position to protect yourself and your systems from social engineering threats and attacks. All in all, the book covers social engineering from A to Z , along with excerpts from many world wide known security experts.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Introduction to Social Engineering

Introduction to Social Engineering

Overview of social engineering

Applications of social engineering

The social engineering framework

Social engineering examples from Hollywood

The Psychology of Social Engineering – Mind Tricks Used

The Psychology of Social Engineering – Mind Tricks Used

Modes of thinking

Microexpressions

Human buffer overflow

Influence and Persuasion

Influence and Persuasion

Five fundamental aspects of persuasion

Setting up the environment

Reality alteration (framing)

Information Gathering

Information Gathering

Gathering information about targets

Targeting and Recon

Targeting and Recon

Old organizations

Organizational employees

Elicitation

Getting into conversations with strangers

Avoiding elicitation

Learning the skill of elicitation

Pretexting

Principles and planning of pretexting

Successful pretexting

Legal concerns of pretexting

Tools to enhance pretexts

Social Engineering Tools

Social Engineering Tools

The tools for social engineering

Prevention and Mitigation

Prevention and Mitigation

Learning to identify social engineering attacks

Mitigating social engineering attacks

Case Studies of Social Engineering

Case Studies of Social Engineering

What is social engineering?

Case studies of social engineering

Social engineering case study - Keepnet labs phishing simulation

Ask the Experts – Part 1

Ask the Experts – Part 1

Jonathan C. Trull

Marcus Murray and Hasain Alshakarti

Ask the Experts – Part 2

Ask the Experts – Part 2

Paula Januszkiewicz

Şükrü Durmaz and Raif Sarıca

Ask the Experts – Part 3

Ask the Experts – Part 3

Raymond P.L. Comvalius

Dr. Mitko Bogdansoki

Ozan Ucar and Orhan Sari

Ask the Experts – Part 4

Ask the Experts – Part 4

Oguzhan Filizlibay

Yalkin Demirkaya

Dr. Islam, MD Rafiqul, and Dr. Erdal Ozkaya

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Tips

The tips for avoiding elicitation are as follows:

Elicitation is the art of getting answers without asking questions. In other words, elicitation is what you say and how you say it. Based on NSA, elicitation is the process of extracting information from something or someone, and what you say and how you say it will determine your success.
The weakest links in an information-security chain are the people and social networks.
Social interaction with humans is much easier to manipulate than complex IT systems.
Tools are an important aspect of social engineering, but they do not make the social engineer. A tool alone is useless; but the knowledge of how to leverage and utilize that tool is invaluable (Christopher Hadnagy).
The best counter measure against elicitation is to know what to say and how much you say. This also applies to social media websites; sharing is good but...