Social engineering is a term that describes a
non-technical kind of intrusion that relies heavily on human
interaction and often involves tricking other people to break normal
security procedures.
A social engineer runs what used to be called a "con
game." For example, a person using social engineering to break
into a computer network might try to gain the confidence of an
authorized user and get them to reveal information that compromises
the network's security. Social engineers often rely on the natural
helpfulness of people as well as on their weaknesses. They might, for
example, call the authorized employee with some kind of urgent
problem that requires immediate network access. Appeal to vanity,
appeal to authority, appeal to greed, and old-fashioned eavesdropping
are other typical social engineering techniques.
Social engineering is a component of many, if not
most, types of exploits. Virus writers use social engineering tactics
to persuade people to run malware-laden email attachments, phishers
use social engineering to convince people to divulge sensitive
information, and scareware vendors use social engineering to frighten
people into running software that is useless at best and dangerous at
worst.
Security experts propose that as our culture becomes
more dependent on information, social engineering will remain the
greatest threat to any security system. Prevention includes educating
people about the value of information, training them to protect it,
and increasing people's awareness of how social engineers operate.
SLA IT Employment Training Company conducts classes
in hardware and networking and covers Social Engineering as part of
the syllabus.For
more details visit SLA
or dial (91
44) 4200 5050/90.
No comments:
Post a Comment