Social Engineering

Social Engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access.

Social Engineer uses different methods like …

  • Phone-based Spoofing.
  • Vishing.
  • Web-based Phishing.
  • Email-based Phishing.
  • Attempts to gain physical access to the premises.
  • USB Drops (physical based).
  • Obtaining records, files, equipment, sensitive information, network access, etc.
  • Attempts to garner information to permit unauthorized network access.


How can You Face it?

Education

Knowlege is Power
Make your team aware by continues learning programs

Test

Run regular fack attacks to discover any weakness points

Tools

Use advanced cyber security tools to discover and acts fast