Apr 15

Reverse Social Engineering

Tag: cybercrime, cyberwarzone.com, hacker, Social Engineering, warzone

Reverse social engineering describes a situation in which the target or targets make the initial approach and offer the hacker the information that they want. Such a scenario may seem unlikely, but figures of authority, particularly technical or social authority, often receive vital personal information, such as user IDs and passwords, because they are above suspicion. For example, no Help Desk support worker would ask for a user ID or password from a caller; they solve problems without this information. Yet many users who have IT problems will volunteer these vital security elements to expedite a solution. The hacker does not even have to ask. Despite what this scenario suggests, social engineering attacks are not reactive.

A social engineering attack creates a situation, advertises a solution, and provides assistance when requested, perhaps as simply as in the following scenario:

A hacker who is a coworker of the target renames or moves a file so that the target thinks that it no longer exists. The hacker speculates that they can get the file back. The target, keen to get on with their work, or concerned that the loss of the information could be their own fault, leaps at this offer. The hacker states that this could only be done if they were to log on as the target. He or she may even say company policy prohibits this. The target will beg the hacker to log on as them and try to reinstate the file. Grudgingly, the hacker agrees, reinstates the original file, and steals the target’s user ID and password. He or she has even embellished their reputation, such that they receive requests to assist other coworkers. This approach can bypass the regular IT support channels and make it easier for the hacker to remain unnoticed.

It is not always necessary to be familiar with, or even meet, a target to use reverse social engineering. Imitating problems or issues using dialog boxes can be effective in a non-specific, reverse social engineering attack. The dialog box announces that there is a problem or that an update is necessary to continue, and offers a download to solve the problem. When the download is complete, the engineered problem disappears, and the user continues working, oblivious to the fact that they have breached security and downloaded a malware program.
 

ATTACK GOALS

  • Theft of identity: Hacker receives user ID and password from authorized user.
  • Theft of information: Hacker uses authorized user ID and password to gain access to company files.
  • Download malware: Hacker tricks a user into clicking a hyperlink or opening an attachment, thus infecting the company network.
  • Download hacker’s software: Hacker tricks a user into clicking a hyperlink or opening an attachment, thus downloading a hacker program, such as a mail engine, that uses company network resources.

Comments

Mon, 07/26/2010 - 11:09

Why do people fall for social engineering techniques?

People are fooled every day by Social Engineers because they haven’t been adequately warned about them. Human behavior is always the weakest link in any security program. And who can blame them? Without the proper education, most people won’t recognize a social engineer’s tricks because they are often very sophisticated.

Cyberwarz1
Mon, 07/26/2010 - 15:19

This is why I love to learn more about mankind.

What are our weaknesses? Do we trust too fast? Are we to blame for these weaknesses?

Because a social engineer knows these weak spots and exploits them.

I loved the movie Matchstick Men. In this movie a "scammer" gets "scammed" by his own student.
