Why would someone willingly give away secrets or their own information to an unknown person? The human decision-making process plays a large role in how people interact with the world. AL-Msloum and AL-Johani explain that most people have a preconceived cognitive bias for most scenarios that they experience (2013). Cognitive bias is how the human brain looks at a scenario and alters it to fit what is expected. Many social cognitive biases can be abused by malicious attackers when social engineering a victim out of information. The attacks can be as simple as sending out an email from a Nigerian prince who needs assistance withdrawing money from his overseas account. The email states that there is a problem with how the prince can access the money and requests that the user help the prince for a fee. The prince is actually fictional, and the malicious user is trying to get the user invested enough to send the attacker money in exchange for an increased amount later. This social engineering attack is known as phishing. The attacker is playing on the user's cognitive bias and greed, leading the user to think that if they do just this one thing they will make a lot more money later. People fall into these traps easily because of our tendencies to think a certain way. The best method to prevent ourselves from following our cognitive bias is having continuously updated awareness training. A study …
When it comes to social engineering, malicious attackers prey upon this fact and use it to their advantage. In many of the cases resulting in data loss, the victim never suspected anything to be wrong because they thought the person they were working with was legitimate (Watson, Ackroyd, & Mason, 2014). This attack is sometimes called an impersonation attack. An impersonation attack can be in person, over the internet, or by phone. Some attackers have cold called large tech firms using different extensions, telling whoever answers that they are tech support. The attackers will continue to call until they reach someone who has already asked for help. The victim trusts that the person calling is tech support because the outlying factors match their expectation of help. This allows the attacker to essentially talk the victim into anything that they want. These attacks are becoming more and more common, with fake Microsoft technical personnel calling homes. The attacker tells the victim that their software has detected a virus running on the victim's computer and continues from there. The largest issue is that people without knowledge of how the technology industry works almost automatically trust a person whom they believe has authority. Kahneman and Tversky state that the human mind will immediately revert to the ingrained knowledge of a bias that is developed over time (1972). Basically stating