Skip to main content

Computer-based social engineering


Computer-based social  engineering refers to attacks carried out with the help of computer software to get the desired information. Some of these attack  types are listed as follows:


  • Pop-up windows: Pop ups trick  users into clicking on a hyperlink that redirects them to visit an attacker's  web page, asking them to give away their personal information or asking them to download software that could have attached viruses in the backend.

  • Insider attack: This type of  attack is performed from inside the target network. Most insider attacks  are orchestrated by disgruntled employees who are not happy with their position in the organization or because they have personal grudges against another employee or the management.


  • Phishing: Spammers often send  e-mails  in bulk to e-mail accounts, for example, those claiming to be from the UK lottery department and informing you that you have won a  million pounds. They request you to click on a link in the e-mail to provide your credit card details or enter information such as your first name, address, age, and city. Using this method the  social engineer can  gather  social security numbers and network information.                                                   
 Related Post :- Social Engineering Toolkit (SET)

  • The "Nigerian 419" scam: In the  Nigerian scam, the attacker asks the target to make upfront payments or make money transfers. It is called 419 because "4-1-9" is a section of the Nigerian Criminal Code that  outlaws this practice. The attacker or scammers usually send the target e-mails or letters with some lucrative offers stating that their money has been trapped in some country that is currently at war, so they need help in taking out the money and that they will give the target a share, which never really comes. These scammers ask you to pay money or give them your bank account details to help them transfer the money. You are then asked to pay fees, charges, or taxes to help release or transfer the money out of the country through your bank. These "fees" may start out as small amounts. If paid, the scammer comes up with new fees that require payment before you can receive your "reward".   They will keep making up these excuses until they think they have got   all the money they can out of you. You will never be sent the money that   was  promised. 
  • Social engineering attack through a fake SMS: In this type of attack,   the social engineer will send an SMS to the target claiming to be from   the security department of their bank and also claiming that it is urgent   that the target call the specified number.  If the target  is not too technically sound, they will call the specified number and the attacker can get the desired information.

Like us on facebook :- Grey Hat Hackers 


NOTE: This is for educational purpose only we are not responsible for any type of inconvenience caused by reader.

Comments

Popular posts from this blog

Social Engineering Toolkit (SET)

Social Engineering Toolkit  (SET) is an advanced,  multifunctional, and easy-to-use computer-assisted social engineering toolset, created by the founders of  TrustedSec (https://www.trustedsec.com/). It helps you prepare the most effective way to exploit client-side application vulnerabilities and makes a fascinating attempt to capture the target's confidential information (for example, e-mail passwords). Some of the most efficient and useful attack methods employed by SET include targeted phishing e-mails with a malicious file attachment, Java applet attacks, browser-based exploitation, gathering website credentials, creating infectious portable media (USB/ DVD/CD), mass-mailer attacks, and other similar multiattack web vectors. This combination of attack methods provides you with a powerful platform to utilize and select the most persuasive technique that could perform an advanced attack against the human element.

 To start SET, navigate to  Applications  |  Kali Linux  |  Expl…

Cracking Wifi Using :Fern(GUI)

Fern(GUI)

As a part of Kali linux , fern can be directly used from kali linux , i would be recommending the use of kali because while using other linux environments it could be a trouble because while using fern it automatically detects the path of aircrack-ng and python installed , while in other environments it is needed to set it manually...so follow the following steps :-->

1.) Download kali linux iso and make a bootable pendrive .....if you dont know how to make bootable pendrive  then follow the steps given in blog of trinity rescue kit

Kali linux iso (amd64) recommended -->here
Link to trinity rescue kit blog --> here


 2.)Open Kali linux Goto Applications-->Wireless Attack--> Fern

3.)Select Interface card wlan0

4.)Double click any where in GUI

5.)Select enable x-terms ...so that you can view that happening ...while through a automated program...

6.)Click on select network

7.)Choose the type of network that is WEP/WPA

8.)I would recommend to add dictonary file .…

Deep Web - Part 1

What is deep web ?

Deep web Aka Invisible web Aka Hidden web are parts of the world wide web whose contents are not indexed by standard search engines.
LEVELS OF WORLD WIDE WEB :
SURFACE WEBBERGIE WEBDEEP WEBCHARTER WEBMARIANAS WEB SURFACE WEB :
The surface web also known as Visible web , Clearnet , Indexed web or Lightnet is that portion of the world wide web that is readily available to the general public and searchable with standard web search engines. Level of web where vast majority of internet users are connected to and which is accessible in any nation that does not block internet access.E.g: Social media sites like Facebook, informational websites like Wikipedia, general websites, etc

BERGIE WEB :

It is the part of world wide web that is not indexed by search-engines,which is directly accessible and no proxy required. E.g: Google locked results, recently web crawled old content, pirated media, pornography etc
DEEP WEB:
Deep web Aka Invisible web Aka Hidden web are parts of the wo…