If we talk about old days, a hacker often rely on the natural helpfulness as well as weaknesses of people whom he wanted to target. This tactic to break into a computer network by gaining the confidence of an authorized user and get them to reveal information that compromises the network's security is known as Social Engineering.
WHAT IS SOCIAL ENGINEERING
Social engineering is nothing but a non technical kind of intrusion that relies heavily on human interaction and involves manipulating people so they give up confidential information.
Social engineering was very effective those old days as well as today, as major targets are made victims using this old trick only and it is also one of the important components of many types of exploits like:
- Virus writers use social engineering tactics to persuade people to run malicious email attachments
- Phishers use social engineering tactics to convince people to disclose their sensitive information such as banking credentials and passwords
- Scareware vendors use social engineering to frighten people into running software that is useless at best and dangerous at worst
IMPORTANCE OF SOCIAL ENGINEERING
Now, the question rises, Why there is a need to understand Social engineering tactics and its importance in day-to-day life?
Security experts suggest that as our culture becomes more dependent on information, social engineering will remain the greatest threat to any security system. Prevention includes educating people about the value of information, training them to protect it, and the major part is, increasing people's awareness on how social engineers operate.
Christopher James Hadnagy, the President and Chief Human Hacker of Social-Engineer, Inc., wrote an absolute book on social engineering titled, Social Engineering: The Art of Human Hacking in which he detailed the entire lifecycle of social engineering and almost everything you needed to know about it.
Christopher is an American security consultant, author, and professional social engineer who has spent his last 16 years in security and technology, specializing in understanding the ways in which malicious attackers are able to exploit human weaknesses to obtain access to information and resources through manipulation and deceit.
In his recent released edition Unmasking the Social Engineer: The Human Element of Security (Special 50% OFF for THN Readers, Valid till August 31st, 2014), Christopher has detailed a more advanced science of understanding non-verbal communications along with the knowledge of how social engineers use these skills to build feelings of trust and relationship in their targets.
The author helps his readers to understand how they can identify and detect social engineers and scammers by analyzing their non-verbal behavior, that means body language and facial expressions. It helps you understand both the aspects, to make social engineering easier, and on the other hand, also to defend against social engineering attacks easier as well.
This simply means, if you can understand how a social engineer uses non-verbal behavior, then you can better defend yourself and your organization against them.
THE BOOK WALKS THE READER THROUGH
- Clearly combines both the practical and technical aspects of social engineering security
- Reveals the various dirty tricks that scammers use
- Pinpoints what to look for on the nonverbal side to detect the social engineer
- Understanding Nonverbal Displays of Comfort and Discomfort
- Decoding the Language of the Body
"The focus wasn't just to write another book about social engineering, but to present the materials in such a way that it made the information easy to grasp and use," says Christopher Hadnagy.