Cyber-attacks and exploits are more prevalent. Comprehending the techniques of threat actors is essential for emulating them and enhancing one's skills as a penetration tester. This chapter addresses the predominant categories of attacks and exploits. The narrative commences by detailing assaults on the most vulnerable component, namely the human aspect. These assaults are referred to as social engineering attacks. Social engineering has served as the primary attack vector for numerous breaches and compromises in recent years. This subject covers numerous social engineering attacks, including phishing, vishing, pharming, spear phishing, whaling, and others. You will also acquire knowledge of social engineering techniques including elicitation, questioning, and mimicry, along with various motivational strategies (or ways of persuasion). You will also learn about shoulder surfing and how attackers exploit the “USB key drop” tactic to deceive users into installing malware and compromising their devices.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Social Engineering Attacks

  • Rajkumar Banoth,
  • Aruna Kranthi Godishala

摘要

Cyber-attacks and exploits are more prevalent. Comprehending the techniques of threat actors is essential for emulating them and enhancing one's skills as a penetration tester. This chapter addresses the predominant categories of attacks and exploits. The narrative commences by detailing assaults on the most vulnerable component, namely the human aspect. These assaults are referred to as social engineering attacks. Social engineering has served as the primary attack vector for numerous breaches and compromises in recent years. This subject covers numerous social engineering attacks, including phishing, vishing, pharming, spear phishing, whaling, and others. You will also acquire knowledge of social engineering techniques including elicitation, questioning, and mimicry, along with various motivational strategies (or ways of persuasion). You will also learn about shoulder surfing and how attackers exploit the “USB key drop” tactic to deceive users into installing malware and compromising their devices.