In the field of computer security,  “social engineering” is the study of individual behavior and the set of psychological strategies used by the anime aggressors in order to obtain information from the user (corporate, personal, sensitive data) or to induce him to perform a series of dangerous actions, overcoming safety barriers
– Knowing the techniques of Social Engineering is the best way to avoid becoming a victim.
Attack Strategies:
– Social engineers (social engineers) act by disguising their identity, deceiving to instill confidence in the victim, exploiting his availability, good faith and even a touch of curiosity.
– In most cases they are very skilled in human relationships, they are fascinating, polite and charming.
Almost everyone relies on the assumption that nobody will ever deceive us. The person carrying the attack is aware of this common belief and manages to make his request seem so reasonable as not to raise any suspicion while exploiting the victim.
Attack Strategies
– ‘The attacker pretends to be your friend, a colleague or an authoritative source in order to induce you to open files containing viruses or spyware or to perform a series of actions.
The social engineer generally sends an e-mail asking us to: • install an attached software (for example a fake Windows “security update”)
• or to read an attached document (PDF, DOC, other) or visit a certain dangerous site.
– ‘The attachment or site contains software that carries the infection or steals data.
Attack Strategies:
The techniques of social engineering also act via telephone.
The attacker, for example, pretending to be an information technician, after describing a dangerous situation on our computer, proposes an urgent solution that requires a series of confidential information to be reported.
At this point, despite the security systems we would have adopted, the hacker gets all the information he wants with this simple trick.