How hackers find your weak spots

How hackers find your weak spots

The top four emthods hackers use to fool you

While there are an infinite number of social engineering exploits, typical ones include the following:

Stealing passwords: In this common maneuver, the hacker uses information from a social networking profile to guess a victim's password reminder question. This technique was used to hack Twitterand break into Sarah Palin's e-mail.

Friending: In this scenario, a hacker gains the trust of an individual or group and then gets them to click on links or attachments that contain malware that introduces a threat, such as the ability to exploit a weakness in a corporate system. For example, says Netragard CTO Adriel Desautels, he might strike up an online conversation about fishing and then send a photo of a boat he's thinking of buying.

Impersonation/social network squatting: In this case, the hacker tweets you, friends you or otherwise contacts you online using the name of someone you know. Then he asks you to do him a favor, like sending him a spreadsheet or giving him data from "the office." "Anything you see on a computer system can be spoofed or manipulated or augmented by a hacker," says Desautels.

Posing as an insider: Imagine all the information you could extract from an unknowing employee if you posed as an IT help desk worker or contractor. "Roughly 90% of the people we've successfully exploited during [vulnerability assessments for clients] trusted us because they thought we worked for the same company as them," Desautels says.

On the Netragard blog, he describes an exploit in which a Netragard worker posed as a contractor, befriended a group of the client's workers and set up a successful phishing scheme through which he gleaned employee credentials, eventually gaining entry to the entire corporate infrastructure.

Follow Us

Join the ARN newsletter!

Error: Please check your email address.

Tags hackerssecurity



 IN PICTURES: VeeamON Tour in Sydney and Melbourne (+ 17 photos)

IN PICTURES: VeeamON Tour in Sydney and Melbourne (+ 17 photos)

The VeeamON tour showcased company's upcoming release of the Veeam Availability Suite v9. Veeam product strategist, Rick Vanover led the discussions in Sydney and Melbourne about the upcoming v9 and other Veeam innovations for the new year.​ VeeamON was held on September 23 at the Museum of Sydney, Warrane Theatre, and at Melbourne Museum in Melbourne on September 24.

IN PICTURES: VeeamON Tour in Sydney and Melbourne (+ 17 photos)
 IN PICTURES: Greentree A/NZ Partners Explore Japan (+ 13 PHOTOS)

IN PICTURES: Greentree A/NZ Partners Explore Japan (+ 13 PHOTOS)

As part of a regular strategic planning program for select Greentree A/NZ partners, they enjoyed a week in Japan combining strategic planning sessions with sightseeing. Principals and their partners from Star Business Solutions, Endeavour Solutions, Addax Business Solutions, GT Business Solutions, bizlinkIT and Verde Group joined Greentree chief executive, Peter Dickinson, channel director, Graham Hill, and R&D director, Stephen Sims in Tokyo and took in Hiroshima, Kyoto and Hakone, including travel on the famed bullet train which hit a top speed of 296 KPH.

IN PICTURES: Greentree A/NZ Partners Explore Japan (+ 13 PHOTOS) is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments