types of social engineering attacks

Social Engineering:
 It involves psychological manipulation on users making them share confidential information by making trust relation.
Following are some types of social engineering attacks.

Phishing:
  Tools used for attack: Emails
 Attacking sends mails seeming like legitimate user. Intention could be steal user data like credit cards, username password.  Mail could have malicious link or a downloadable.


Spear Phishing
Tools used for attack: Emails
Attacking sends mails seeming like legitimate user targeting a specific group or a person.
Intention could be to steel confidential information.

Whaling
Attacker targeting people are executive level or any influential position.

Vishing:
  Tools used for attack: Phone
Attacker using telephone to persuade user in providing sensitive information

Tailgating or piggybacking:
Tools used for attack:  None
Person gaining to un authorized area by impersonating or by persuading a person to gain accessing using interpersonal skills.



Dumpster Diving:
Tools used for attack:  None
Attacker searchers through trash or garbage or in and around user to get user information.


Shoulder Surfing:
  Tools used for attack:  no tool, physical requires building trust.
Attacker hovers or spies over a user, while user enters PIN at atm or passwords.



Watering Hole Attack
  Tools used for attack:  websites
Attacker infects websites which user access and send intern infect the user when he accessing the infected website.

No comments:

Post a Comment