Please enable JavaScript.
Coggle requires JavaScript to display documents.
SOCIAL ENGINEERING - Coggle Diagram
SOCIAL ENGINEERING
Lebanese looping
The perpetrator pretends to help the victim, tricking the person into entering her PIN again. Once the victim gives up, the thief removes the card and uses it and the PIN to withdraw money as much money as the ATM allows.
-
Social Engineering
the perpetrator has a conversation with someone to trick, lie to or otherwise deceive the victim.
perpetrator has information, knowledge, authority or confidence that make it appear that he or she belongs or knows what they are doing.
refers to techniques or phycological tricks used to get people to comply with the perpetrator's wishes in order to gain physical or logical access to building, computer, server or network.
-
Pretexting
Pretexting is using an invented scenario (the pretext) to increase the likelihood that a victim will divulge information or do something.
The pretext is more than just a simple lie: it usually involves creating legitimacy in the target's mind that makes impersonation possible.
One approach pretexters use is to pretend to conduct a security survey and lull the victim into disclosing confidential information by asking 10 innocent questions before asking the confidential ones
-
Posing
creating a seemingly legitimate business,collecting personal information while making a sale and delivering the product
Phishing
-
Usually a financial institution and requesting information or verification of information and often of a consequence if it is not provided
The request is bogus and the formation gathered is used to commit identify theft or to steal funds from the victim's account
-
Skimming
Double-swiping a credit card in a legitimate terminal or covertly swiping a credit card in small, hidden, handheld card reader that records credit card data for later use.
For example, commonly committed in retail outlets such as restaurants and carried out by employees with a legitimate reason to possess the victim's cards, annual skimming losses exceed $1 billion.
-
-
Carding
Activities performed on stolen credit cards, including making small online purchase to determine whether the card is still valid and selling stolen credit card numbers.
Eavesdropping
The equipment needed to set up a wiretap on an unprotected communications line is readily available at local electronics stores.
-
Example, one alleged wiretapping fraud involved Mark Koenig, a 28 year old telecommunications consultant and four associates. Federal agents say the team pulled crucial data about Bank of America customers from telephone lines and used it to make 5500 fake ATM cards.
Identity Theft
By carefully covering his track and having all bills sent to an address he controls, he identity thief can prolog the scheme
Until the theft is cleared up, victims often are denied loans and credit cards, refused phone contract and chased by debt collectors for money they do not owe.
Assuming someone's identity, usually for economic gain, by illegally obtaining and using confidential information.
Evil Twin
-
Hackers also use evil twins to unleash a wide variety of malware and to install software to attack other computers
Example: After a small coffee shop advertised free wireless Internet, there was an increase in identity thefts. The police discovered that a man living next to the coffee shop had set up an evil twin.
-
directing a DoS against it, or creating radio frequency interference around it.
-
-
Shoulder Surfing
-
Fraudsters have even placed Bluetooth-enabled devices inside locked gasoline pump handles to capture card data
perpetrators look over a person’s shoulders
in a public place to get information such as ATM PIN numbers or user IDs and passwords.
Example : In South America, a man hide a video camera in some bushes and pointed it at company president's computer, which was visible through a first-floor window.