Categories
Security

Hacking VS Social Engineering

What is hacking?

It is a technique of modification in computer software and hardware to achieve the concerning goal outside of the creator’s original purpose.

In common usage, a hacker is a person who breaks into computers, usually by gaining access to administrative controls. The subculture that has evolved around hackers is often referred to as the computer underground.

via Wikipedia

Unauthorized attempts to bypass the security mechanisms of an information system or network.
via Wiktionary

Hacking or getting unauthorized access to a system is not a hot cake. A good hacker must be an outstanding programmer and he must be aware with the systematic working of computing. Or a good scripts kidy can be a good hacker if and until he knows the process of penetrating into a system.

What is Social Engineering?

Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim.

“Social engineering” as an act of psychological manipulation was popularized by hacker-turned-consultant Kevin Mitnick. The term had previously been associated with the social sciences, but its usage has caught on among computer professionals.

via Wikipedia

Social Engineering is God gifted skill. For this you don’t need to be expertise in computing or in hacking.

Simply it helps you in controlling your nerves system against social threats in your daily activities or in your professional life.

Recommended book from BackTrack Community. Following is the title image taken from book title page.

Social Engineering - The art of human hacking.
Social Engineering - The art of human hacking.

Author starts with a story,

I set at an empty table wearing a business suite. I placed my briefcase on the table and waited for a suitable victim. In a few moments, just such a victim arrived with a friend and sat at the table next to mine, placing her bag on the seat beside her. As was probably her habit, she pulled the seat close and kept her hand on the bag at all times.

I needed to steal the entire bag, but, with her hand resting on it and her friend sitting opposite, she was beginning to look like bad news. But, after a few minutes, her friend left to find a restroom. The mark was alone so i gave Alex and Jess the signal.

Playing the part of a couple, Alex and Jess asked the mark if she would take a picture of them both. She was happy to do so. She removed her hand from her bag to take the camera and snap a picture of the “Happy couple” and, while distracted, i casually reached over, took her bag, and calmly locked it inside my briefcase. My victim was yet to notice the empty chair as Alex and Jess left the cafe. Once out of sight, Alex headed quickly for the parking garage.
It didn’t take long for her to realize her bag was gone. Instantly, she began to panic. She tood up and looked around, frantically. This was exactly what we were hoping for so, i asked her if she needed help.
She started to ask if i had seen anything. I told her i hadn’t but convinced her to sit down and think abuot what was in the bag. A phone,  Make-up. A little cash. And her credit cards. Bingo!! I asked who she banked with and then told her that i worked for that bank. What a stroke of luck! I reasurred her that everything would be fine but she would need to cancel her credit card right away. I called the “Help desk” number, which was actually

Alex, and handed my phone to her. She was hooked and it was now up to Alex to reel her in. Alex was downstairs in the van. On the dashboard, a CD player was playing office noises we had downloaded from the Internet. He kept the mark calm, strung her along, and then assured her that her card could easily be canceled but, to verify her identity, she needed to enter her PIN on the keypad of the phone she was using.

My phone and my keypad. You can guess the rest. Once we had her PIN, i left her with her friend and headed for the door. If we were real thiieves, we would have had access to her account via ATM withdrawals and chip and PIN purchases.

Fortunately for her, it was just a TV show and she was so happy when i came back to return her bag and tell her it was all a fake scam. She even thanked me for giving her bag back to which i replied. “Don’t thank me. I’m the one who stole it.”

No matter how secure a system is, there’s always a way to break through. Often, the human elements of the system are the easiest to manipulate and deceive. Creating a state of panic, using influence, manipulation tactics, or causing feelings of trust are all method use to put a victim at ease.”

You can buy this book from Amazon