SOCIAL ENGINEERING

Author: Anderson De Jesus Sandoval Nuñez.

Summary

Social engineering is the technique to obtain confidential information through the

manipulation of legitimate users, this term is normally applied to that of a scam or a
simple fraud, in most cases the attacker never comes face to face with the victim It
also involves tricking people into giving up your personal information such as
passwords or bank details, or by allowing access to a computer in order to
inadvertently install malicious software. Thieves and scammers use social
engineering because it is easier to trick someone into revealing their password
than to violate their security.

Key words: social engineering, information, security and infringement.

Introduction

For Social Engineering continues to be the method of propagation of computer

attacks most used by malware creators, who take advantage of any means of
communication to involve users and end users falling into a trap that usually points
to a economic fin. Social Engineering can be defined as a social action or conduct
aimed at obtaining information from people who access a system. It is the art of
obtaining from a third party that information of interest to the attacker through
social skills. These pyractics are related to communication between human
beings. Then, a root of various types of tricks, tricks and tricks points to the user
committing to the system and revealing valuable information through actions
ranging from a click to answering a phone call and that can lead to the loss of
information. confidential -personal or the company for which the user works, even
worse, to put it in the hands of malicious people seeking financial credit.
Methodology

Social engineering is the term used to exploit the weaknesses of human behavior
to gain access to an organization or system, or to invade the physical or virtual
space of an organization.

In the experience of penetration testing experts from the International Institute of

Cyber Security, social engineers use a wide variety of methods to gain access to
confidential or proprietary information, and the ingenuity of malicious attackers
means that new methods and new ways are always invented. to break logical
security and perimeter security.

principles of social engineering. The principles of social engineering are based

on those set forth by Kevin D. Mitnick, the most recognized Social Engineer and
expert in computer security in recent times, who says that there are 4 key points to
carry out This technique: -We all want to help.-We all like to be praised.-We do not
like to say no.-The first movement is always to trust the other.

why do we fall in the trap? We are exposed to falling In this trap, since according
to the psychologist and writer Dr. Roberto Cialdini, there are weapons of influence
that the human being has almost automatically programmed in his behavior:
-Taste. -Reciprocity.-Commitment and consistency. -The scarcity.-The social test.-
The authority.

Conclusión

Social engineering is one of the new modus operandi of hackers and scammers on
an electronic and personal level. This is a serious information problem since we do
not have what is required to stop these “Social Engineers”. It is not just about
protecting our computers with simple antivirus and antispyware programs since
these only have the function of notifying us when they have entered our systems
and we have to start cleaning and repairing errors that could arise with the
intrusion of these individuals.