Social Engineering is the act of manipulating people into performing actions. The objective is to trick someone into providing their valuable information or access to that information. This technique was mainly used by hackers to gain access to buildings, systems or data by exploiting human psychology rather than breaking in or using technical hacking methods. This technique has been practiced for ages; it was popularized as “Social Engineering” in the 90’s by famous hacker Kevin Mitnick. Currently he is an international information security consultant, and carries out testing a company’s security strengths and weaknesses.
Teenagers may not take Social Engineering risks seriously because they think that these techniques are mainly orchestrated on large organizations to gain access to their information. However the fact is criminals of the present generation are using this technique to gain access to homes and bank accounts primarily for money and teenagers are good targets. Social Engineering criminals are everywhere and are on the lookout to gain information with an objective to trick someone and make a profit out of it. We are prone to or may have become a victim to these attacks without our knowledge.
We may become a target to divulge information about our school, parents, or home etc. Which may not seem suspicious but could be used to carry out a criminal act? Social Engineers are skilled people who gain our trust and confidence. They disguise themselves as normal people and have the ability to extract any kind of information. A major Social Engineering scam that caught the attention of the public in 2010was the famous Wikileaks initiated by Julian Assange to gain sensitive information from several countries. These kinds of attacks have caused great threat to an organization’s information and assets for which they are taking several security measures to protect them.
We are prone to social engineering attacks when someone calls us representing themselves as the school’s computer administrator to gain your system password. If you are not alert to crosscheck their identity, you may share your system password with the hacker. He may also gain access to our online accounts when we log-in to our account using the same password. The hacker can initiate a cyber bullying act on our contacts and damage our reputation online. This is one such way of getting our information, but social engineers use other ways such as making friendly conversations with you as they enter school pretending to be related to your school mate, thereby gaining entry into the school premises. Such hackers may enter the school premises to steal school related documents or try to gain information about the location of valuable assets to burgle them at a later time.
Another such incident could be on our visit to the mall where someone approaches us to participate in a lucky dip competition by sharing that the winner will get a car, smart device, etc. We get excited about the gift and give our personal information. This technique called “quid-pro-quo”, or “give and take policy “mayor may not bring us any loss, but the people who are using our information are making profits by selling it to online merchants, data collecting companies, etc. ,
We have to know that our personal information is our identity and we need to safeguard our information.