Footprinting through Social Engineering

Subscribe to my newsletter and never miss my upcoming articles

Listen to this article

In footprinting, the one of the easiest component to hack is human being itself. We can collect information from a human quite easily than fetching information from systems. Using Social Engineering, some basic social engineering techniques are: -

Eavesdropping Shoulder Surfing Dumpster Diving Impersonation Social Engineering You can understand the social engineering as an art of extracting sensitive information from peoples. Social Engineers keep themselves undetected, people are unaware and careless and share their valuable information. This information is related to the type of social engineering. In Information Security aspects, Footprinting through Social engineering gathers information such as: -

Credit card information. Username & Passwords. Security devices & Technology information. Operating System information. Software information. Network information. IP address & name server’s information. Eavesdropping Eavesdropping is a type of Social Engineering footprinting in which the Social Engineer is gathers information by listening to the conversation covertly. Listening conversations includes listening, reading or accessing any source of information without being notified.

Phishing In the Phishing process, Emails sent to a targeted group contains email message body which looks legitimate. The recipient clicks the link mentioned in the email assuming it as a legitimate link. Once the reader clicks the link, enticed for providing information. It redirects users to the fake webpage that looks like an official website. For example, Recipient is redirected to a fake bank webpage, asking for sensitive information. Similarly, the redirected link may download any malicious script onto the recipient’s system to fetch information.

Shoulder Surfing Shoulder Surfing is another method of gathering information by standing behind a target when he is interacting with sensitive information. By Shoulder surfing, passwords, account numbers, or other secret information can be gathered depending upon the carelessness of the target.

Dumpster Diving Dumpster Diving is the process of looking for treasure in trash. This technique is older but still effective. It includes accessing the target's trash such as printer trash, user desk, company's trash for finding phone bills, contact information’s, financial information, source codes, and other helpful material.

Share this