- Blog Categories
- Project Management
- Agile Management
- IT Service Management
- Cloud Computing
- Business Management
- BI And Visualisation
- Quality Management
- Cyber Security
- Most Popular Blogs
- PMP Exam Schedule for 2025: Check PMP Exam Date
- Top 60+ PMP Exam Questions and Answers for 2025
- PMP Cheat Sheet and PMP Formulas To Use in 2025
- What is PMP Process? A Complete List of 49 Processes of PMP
- Top 15+ Project Management Case Studies with Examples 2025
- Top Picks by Authors
- Top 170 Project Management Research Topics
- What is Effective Communication: Definition
- How to Create a Project Plan in Excel in 2025?
- PMP Certification Exam Eligibility in 2025 [A Complete Checklist]
- PMP Certification Fees - All Aspects of PMP Certification Fee
- Most Popular Blogs
- CSM vs PSM: Which Certification to Choose in 2025?
- How Much Does Scrum Master Certification Cost in 2025?
- CSPO vs PSPO Certification: What to Choose in 2025?
- 8 Best Scrum Master Certifications to Pursue in 2025
- Safe Agilist Exam: A Complete Study Guide 2025
- Top Picks by Authors
- SAFe vs Agile: Difference Between Scaled Agile and Agile
- Top 21 Scrum Best Practices for Efficient Agile Workflow
- 30 User Story Examples and Templates to Use in 2025
- State of Agile: Things You Need to Know
- Top 24 Career Benefits of a Certifed Scrum Master
- Most Popular Blogs
- ITIL Certification Cost in 2025 [Exam Fee & Other Expenses]
- Top 17 Required Skills for System Administrator in 2025
- How Effective Is Itil Certification for a Job Switch?
- IT Service Management (ITSM) Role and Responsibilities
- Top 25 Service Based Companies in India in 2025
- Top Picks by Authors
- What is Escalation Matrix & How Does It Work? [Types, Process]
- ITIL Service Operation: Phases, Functions, Best Practices
- 10 Best Facility Management Software in 2025
- What is Service Request Management in ITIL? Example, Steps, Tips
- An Introduction To ITIL® Exam
- Most Popular Blogs
- A Complete AWS Cheat Sheet: Important Topics Covered
- Top AWS Solution Architect Projects in 2025
- 15 Best Azure Certifications 2025: Which one to Choose?
- Top 22 Cloud Computing Project Ideas in 2025 [Source Code]
- How to Become an Azure Data Engineer? 2025 Roadmap
- Top Picks by Authors
- Top 40 IoT Project Ideas and Topics in 2025 [Source Code]
- The Future of AWS: Top Trends & Predictions in 2025
- AWS Solutions Architect vs AWS Developer [Key Differences]
- Top 20 Azure Data Engineering Projects in 2025 [Source Code]
- 25 Best Cloud Computing Tools in 2025
- Most Popular Blogs
- Company Analysis Report: Examples, Templates, Components
- 400 Trending Business Management Research Topics
- Business Analysis Body of Knowledge (BABOK): Guide
- ECBA Certification: Is it Worth it?
- How to Become Business Analyst in 2025? Step-by-Step
- Top Picks by Authors
- Top 20 Business Analytics Project in 2025 [With Source Code]
- ECBA Certification Cost Across Countries
- Top 9 Free Business Requirements Document (BRD) Templates
- Business Analyst Job Description in 2025 [Key Responsibility]
- Business Analysis Framework: Elements, Process, Techniques
- Most Popular Blogs
- Best Career options after BA [2025]
- Top Career Options after BCom to Know in 2025
- Top 10 Power Bi Books of 2025 [Beginners to Experienced]
- Power BI Skills in Demand: How to Stand Out in the Job Market
- Top 15 Power BI Project Ideas
- Top Picks by Authors
- 10 Limitations of Power BI: You Must Know in 2025
- Top 45 Career Options After BBA in 2025 [With Salary]
- Top Power BI Dashboard Templates of 2025
- What is Power BI Used For - Practical Applications Of Power BI
- SSRS Vs Power BI - What are the Key Differences?
- Most Popular Blogs
- Data Collection Plan For Six Sigma: How to Create One?
- Quality Engineer Resume for 2025 [Examples + Tips]
- 20 Best Quality Management Certifications That Pay Well in 2025
- Six Sigma in Operations Management [A Brief Introduction]
- Top Picks by Authors
- Six Sigma Green Belt vs PMP: What's the Difference
- Quality Management: Definition, Importance, Components
- Adding Green Belt Certifications to Your Resume
- Six Sigma Green Belt in Healthcare: Concepts, Benefits and Examples
- Most Popular Blogs
- Latest CISSP Exam Dumps of 2025 [Free CISSP Dumps]
- CISSP vs Security+ Certifications: Which is Best in 2025?
- Best CISSP Study Guides for 2025 + CISSP Study Plan
- How to Become an Ethical Hacker in 2025?
- Top Picks by Authors
- CISSP vs Master's Degree: Which One to Choose in 2025?
- CISSP Endorsement Process: Requirements & Example
- OSCP vs CISSP | Top Cybersecurity Certifications
- How to Pass the CISSP Exam on Your 1st Attempt in 2025?
- More
- Tutorials
- Practise Tests
- Interview Questions
- Free Courses
- Agile & PMP Practice Tests
- Agile Testing
- Agile Scrum Practice Exam
- CAPM Practice Test
- PRINCE2 Foundation Exam
- PMP Practice Exam
- Cloud Related Practice Test
- Azure Infrastructure Solutions
- AWS Solutions Architect
- AWS Developer Associate
- IT Related Pratice Test
- ITIL Practice Test
- Devops Practice Test
- TOGAF® Practice Test
- Other Practice Test
- Oracle Primavera P6 V8
- MS Project Practice Test
- Project Management & Agile
- Project Management Interview Questions
- Release Train Engineer Interview Questions
- Agile Coach Interview Questions
- Scrum Interview Questions
- IT Project Manager Interview Questions
- Cloud & Data
- Azure Databricks Interview Questions
- AWS architect Interview Questions
- Cloud Computing Interview Questions
- AWS Interview Questions
- Kubernetes Interview Questions
- Web Development
- CSS3 Free Course with Certificates
- Basics of Spring Core and MVC
- Javascript Free Course with Certificate
- React Free Course with Certificate
- Node JS Free Certification Course
- Data Science
- Python Machine Learning Course
- Python for Data Science Free Course
- NLP Free Course with Certificate
- Data Analysis Using SQL
Exploiting the Weakest Link in Security Through Social Engineering
Updated on Nov 07, 2020 | 11 min read
Share:
Table of Contents
Social engineering, as per Wikipedia, is the psychological manipulation of people into performing actions or divulging confidential information. In simpler terms, social engineering is taking advantage of a victim’s natural tendencies and emotional reactions. Social engineering is more interesting than it sounds! It involves various techniques including tricking the victim into sharing the OTP, Debit Card PIN, or their computer passwords. There have been attacks in the past where the attacker simply called up the data center, posing as a high-ranking official of the company, and manipulated the data center administrator into telling him the exact models of the servers residing in the data center.
Social engineering can be done at various steps of hacking, but typically, it is done at the time of information gathering or the reconnaissance phase. In the above example, the attacker may have likely got the server details like model number and maybe the operating system running on it. Once the attacker has this basic information, it is very easy to find the vulnerabilities in the OS and hardware using online sources like NVD (National Vulnerabilities Database) and CVE (Common Vulnerabilities and Exposures by Mitre).
In this article, we will briefly look at what is Ethical Hacking to set the context for social engineering, various steps of ethical hacking and then take a deep dive into various techniques of social engineering. We will have a look at some recent data breaches where social engineering was used and finally some tips to safeguard your organization and yourself from social engineering attacks.
What is Ethical Hacking?
Hacking is a word which raises eyebrows every time someone mentions it. A hacker is not a person with a hoodie, sitting in a dark room, with multiple screens in front of him. That is what we see in the movies, right? In real life, a hacker is an individual with deep domain expertise of the domain he works in. So a cyber hacker is a person with deep domain expertise on computers and related infrastructure like networks, servers, etc.
Hacking a cyber system would involve overcoming the security mechanisms deployed to protect the confidential data by exploiting various vulnerabilities present in the system or network and gaining unauthorized access to the confidential information.
Steps of hacking
To understand social engineering, we need to first understand the various steps of hacking. Any hacker would follow these steps in order to successfully penetrate a system.
- Reconnaissance or Foot printing – As defined and used for military purposes, reconnaissance is the activity of gathering information about an area using soldiers, planes, etc. Similar to that, reconnaissance in hacking means gathering all the information about your target which you would use in the next steps of hacking. This step lays the foundation for your attack. More the information, easier the attack will be. Reconnaissance could be active or passive in nature. Active reconnaissance would involve the attacker scanning the network and websites of the target organization or individual directly. However, in the passive reconnaissance, the attacker would never get in direct touch with the target and would use various “social engineering” techniques to gather information.
- Scanning – After the attacker has some basic details, he or she starts scanning the network and websites of the target much more intensively and gathers information like active hosts, OS running on them, open ports and others which could be used to launch an attack.
- Gaining Access – Now the attacker has a lot of information like the IP ranges, key people of the organization, OS running on key servers, active hosts. The attacker will now use techniques to deliver a payload (the actual virus or a malicious code) to get into the network of the target. This is generally done by using some social engineering techniques like phishing.
- Maintaining Access – This is the next step when the attacker has the access to the network and the system, and would now make sure that he has a persistent access to the resources. He would generally do this by creating a backdoor, which no one else is aware of. This backdoor will ensure that even if the main gate has been closed by the target, there is a back gate which he could use to maintain the access to the compromised system.
- Covering tracks – Once the attacker is in the system and has access to all the data, his next step would be to remain undetected and anonymous. This would generally be done by deleting the logs and using a VPN or a Virtual Private Network to access the target network and systems.
Taking a deeper dive into Social Engineering
As we briefly discussed in the sections above, Social Engineering is getting information from the target by manipulating them. However, information gathering and social engineering goes hand in hand. Throughout this section, we will have a look at various techniques to gather information about an organization via online tools and social engineering methods.
- Who.is – You have a website name and you want to know all the basic details of the website, you can simply visit who [dot] is. You get the following details here:
- Name of the registrant
- Address and contact information
- Expiry date of the domain registration
- Name servers
- Registrar information
- Server type
![](https://ik.imagekit.io/upgrad1/abroad-images/tag/security/widget/imagePWMXXSU7N3AV.webp?tr=w-undefined,q-70)
Master Right Skills & Boost Your Career
Avail your free 1:1 mentorship session
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/1604720050269_inner_image_05D7UKKQ.webp?pr-true)
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/sMEQTLN.webp?pr-true)
With all this information, you will at least know the contact number and the address of company where the domain is registered.
- Command Prompt (Terminal for Linux users) – You must be thinking why we are talking about a Windows utility. Try and do this on command prompt, “ping knowledgehut.com”. What do you see? 4 packets sent, 4 received, but you got the IP address of the website. This is a very useful information when you are targeting an organization.
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/1604720099905_inner_image_07F4AK5U.webp?pr-true)
- Cisco Talos – Cisco Talos is a utility from Cisco and has many different components. For now, we would be focusing on the “IP Reputation” center. It helps you find the reputation of a domain or an IP address. Now how does this help in hacking? The answer is simple, once you have the IP address from the above step, you can now look at who this IP belongs to and mostly you will find the details of the platform where the website is hosted.
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/1604720256085_inner_image_08KLZL7U.webp?pr-true)
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/dsdsddsSG1HYR.webp?pr-true)
- Fake email domains or fake mailers – This is a very interesting process. You can actually send a mail from any email! Yes, you read that right. Let’s take an example. You can send a mail to any random person using an ID HR@facebook.com. How cool is that? These fake email domains also give you the liberty of getting a reply on your own mail box by setting up a “reply to” option. These kinds of domains are very widely used in phishing scams and a few of them are not even stopped by well-known email providers like Gmail. Emkei.cz is one such domain which allows you to send a fake mail. This is what the console would look like:
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/1604720321227_inner_image_10Q2615J.webp?pr-true)
You get an option to choose a name and email ID you want to send an email from. For demonstration purpose, you can use the name Alex Johnson, and the email ID alex.johnson@facebook.com. You get advanced features like “reply to”, priority setting and even encrypting the email. What “reply to” will help us do, is, once the victim (whom we are sending this fake mail for a phishing attempt) replies, we get the mail in a legitimate email box (not a fake one!). This will ensure that the email sent looks like a legitimate mail even though it is a fake and you still get a reply.
This fake mailer is largely used by attackers to lure job candidates into sending fake offers from an email ID which looks authentic and seek money for jobs. Attackers can also send a legitimate looking mail from the company HR and ask the users to fill in sensitive information.
- Temp Mailers – This is another tool on the internet widely used by attackers. This utility allows anyone to create a “temporary” email, which is valid for a very short duration (10 mins to 30 mins, depending on the website). You get an email address with a temporary inbox. People also use this to register on different websites where they do not want any promotional material landing in their personal mail boxes. Temp-mail.org is one such domain, you can find hundreds of such domains online.
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/1604720353496_inner_image_11BS9JUD.webp?pr-true)
- Social Media – Are we forgetting the social media? Social media gives you the maximum amount of information you want about an individual. You must be thinking how? Let us look at an example:
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/1604720378009_inner_image_12F9ZLYD.webp?pr-true)
What all information did you get to know about Anne from this image?
Possible passwords,
- maxthedog,
- alexandrichard,
- smith,
- 03181918;
Possible security questions and answers (remember setting up a few security questions in your bank account or even FB account?)
- Pet name: Max
- Best Friend: John
- Date of Birth: 18 Mar 1981
- Maiden Name: Smith
Address: from the link!
When is the house vacant: 18th March 2016, Half term
Other miscellaneous information: changing house, marital status (divorced), two sons, etc.
Now you understand the humongous amount of information we have on our social media. Not to forget our regular social media updates, be it on Facebook, Instagram, Snapchat, Telegram or WhatsApp!
- Fake Calling – Something very common these days, where you get a call from a person posing to be a bank official. They generally try to get the OTP or the One Time Password from you, Credit card or Debit card PIN or CVV. This is among the most common types of social engineering attacks and is commonly referred to as phishing attacks. They are categorized as frauds under law.
Phishing – Where we are the weakest link
Phishing, as defined by Wikipedia, is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details, by disguising oneself as a trustworthy entity in an electronic communication. It is generally done by using one or more techniques we discussed above. Let us take a few examples:
- Sending a fake mail, looking just like a bank email. It will generally ask you to click on a link and redirects you to a web page. This web page would look exactly like the Bank Page and you would be asked to enter your user ID and password. Now this being a fake page would either give an error message or redirect you to the authentic website after you enter your user ID and password. In the backend, the attacker gets the login credentials for your bank portal. Similar to this are lottery mails you get, in which every day you win $10,000.
- Cybersquatting is a fraudulent act of registering, selling or using a domain name which has resemblance to a known brand with an intent of profiting using the name of the already established brand. For example, creating a website goggle.com which is similar to google.com. This could have a serious impact if you register a website as annazon.com (notice the double n) instead of amazon.com. They look alike in the first glance. Now imagine 20% of the traffic of amazon.com going on annazon.com. It’s a huge loss for Amazon!
- Sending SMS on mobiles with links to upgrade the PayTM app or entering a lucky draw or even changing your “expiring” bank account. These links will either ask the victim to enter some confidential information like banking details or OTP or install an app or a software in the background. Now the installed app or software is designed to spy on the victim’s mobile device and send confidential information like SMS, photos, bank credentials, etc. to the attacker.
Can we do anything about it?
Simple answer is, not much. Social engineer, as the title of the article says, talks about exploiting the weakest link in security, which is us or the user. Unless the user is vigilant and aware, no amount of investment in the security tools and technologies can save the organization or the individual data from hackers. Organizations generally run Information Security Awareness campaigns, mandate the user to attend trainings, and even carry out phishing assessments. This gives the organization a direction to enhance its security program and train users to be better protected against cyber threats. As a part of this article, let us have a look at how we can detect a fake email.
Email header analysis helps us identify whether the mail is authentic or not. It is very simple to analyze an email header in Gmail.
1. Open the email for which you want to analyze the header. Click on “Show Original” as shown below in the image.
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/1604720479653_inner_image_13PETHV4.webp?pr-true)
2. Copy the header to clip board.
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/sDEI6RW.webp?pr-true)
3. Open and paste the header.
![](https://ik.imagekit.io/upgrad1/abroad-images/imageCompo/images/1604720593463_inner_image_158B62V8.webp?pr-true)
4. Click on analyze header.
You will get all the details like email domain, sender, who will get the replies, SPF values, etc. Now you can actually know whether a mail was sent by an authentic domain or by a fake mailer service like emkei.cz!
Recent attacks including social engineering
The Sony Pictures Hack – November 2014
- Target Data Breach – 2013 (Phishing)
- 2016 Democratic National Committee Email Leak – July 2016 (Spear Phishing)
- Associated Press Twitter Accounts – April 2013 (fake email)
- RSA SecurID Cybersecurity Attack – March 2011 (infected attachment in email)
Concluding remarks
Social engineering, coupled with information gathering is one of the easiest and efficient way of doing reconnaissance. Attackers make use of these techniques to make sure they are equipped with enough knowledge before they carry out any attack. User awareness and due diligence is the only way to prevent an organization or individual from a social engineering attack.
Get Free Consultation
By submitting, I accept the T&C and
Privacy Policy