Social Engineering

by : Matjaz

Social engineering is a collective noun for those techniques what malicious hackers use for preparation before the real attack against our computer system. They try to induce employes to break the general security policy of their company. These tricks are non-technical methods and usually they operate with psychological effects. They are very confident and they appeal to have the authority for what they are talking about.

Pretexting by phone, on the net, dumpster diving, trojan horse, road apple, phishing, persuasion are different kinds of techniques for social engineering.

It's a complex threat and can appear in very different ways but it's not impossible to avoid. The only thing that we should be aware of the information security, aware of the value of the information. Weaknesses of most people come from the inability to keep the speed with the developement of technology. We enjoy the advantages of the internet, of the webmarket but we can't size up what can happen to our private datas and the datas' of the company where we are working. We can't size up that our company is a target for hackers or not.

We must not give any information on phone, in e-mail and in any way when we can not check the person's authorization who asks private datas from us. We should take care to who we give information and we should follow the security procedures of our company.