Chapter 5

Social Engineering

In This Chapter

arrow Discovering social engineering

arrow Examining the ramifications of social engineering

arrow Understanding and using social engineering techniques

arrow Protecting your organization against social engineering

Social engineering takes advantage of the weakest link in any organization’s information security defenses: people. Social engineering is “people hacking” and involves maliciously exploiting the trusting nature of human beings to obtain information that can be used for personal gain.

Social engineering is one of the toughest hacks to perpetrate because it takes bravado and skill to come across as trustworthy to a stranger. It’s also by far the toughest hack to protect against because people are involved. In this chapter, I explore the ramifications of social engineering, techniques for your own ethical hacking efforts, and specific countermeasures to defend against social engineering.

Introducing Social Engineering

Typically, malicious attackers pose as someone else to gain information they couldn’t access otherwise. They then take the information ...

Get Hacking For Dummies, 4th Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.