Hi,
I wanted to write about social engineering because it is very misconceived term in our country. We don't need to graduate from any University to become Social Engineer. So, we don't need to wear boring ties.
What is Social Enginering?
Social Engineering is simply to obtain the information, by misleading people. So it depends on persuasion and deception. Well, of course the person who does social engineering isn't directly swindler, but they are qualified liars. Some people can lie, others develop themselves and their skills. If you lie and no one suspects, If you're cold-blooded, that means you have an innate gift for social engineering.
We are not proud of it but Social Engineering is mostly used for fraud in our country. This is an example for classic Social Engineering attack.
+Hi, I am calling from the x bank. I was going to meet R...G..
- Yes sir, I need to ask some questions for confirm.
Well, it goes like this. But when I give the bank sample, I'm pretty sure you all understood that classic social engineering attack. This is fraud, obviously but Social Engineering isn't only limited to this. You can use it to different categories. Hacking, Gathering Information, Intelligence etc.
Who use it?
When I asked this question, most people think this name: "Kevin Mitnick" Well, actually it is true. Kevin Mitnick wrote the book on Social Engineering. I am not joking he wrote the book on Social Engineering. "The Art of Deception"
Mitnick is known as the most famous hacker in the world. There is no state, military or institutional system that he has not entered. But he has a skill that distinguishes it from other hackers. Kevin Mitnick would collect all the information through social engineering. In other words, he was using Social Engineering for Hack.
Not only hackers, also Cyber Security Personals use Social Engineering intensively. Trust me they live among us but we can't see them. Their task is to maintain order and prevent cybercrime. Sometimes they look like a teenager, sometimes they appear as a Terrorist profile in social platforms like Twitter and Facebook. As a result, they proceed to collect information in a different personality.
Cyber Intellingence is another branch that uses social engineering intensively. Cyber security specialist's duty is to take precautions for necessary actions. They are everywhere! They identify themselves differently and collect information.
Social Engineering is mostly used for fraud in our country. It is very easy to use Social Engineering for fraud. It doesn't require knowledge and hard work. Just you need to know how to lie.
Social Engineering Scenario:
Finally, I want to present a scenario on Social Engineering. In this way, you can understand more easily.
-------
You are sleeping at home and suddenly the door knocks.
There are 2 burly man with police clothes in front of the door.
+ Hello, we are coming from the Cyber Crimes Unit.
(Meanwhile, the voice of the radio was deliberately left open and radio is giving information about you.)
- I don't understand, What happened?
-IZBAN was hacked this week. According to the researches, the attack was made here and the IP address is registered in this name: E...T...
- What do you mean, hacked... I was sleeping!
+ Sir, please. We have to confiscate technological devices, then others will bring you to the police station. They will tell you what happened after the necessary research.
(And the cops go with technological devices and they will not be seen again.)
------------------
Now we have written a very simple scenario. Some of you would say "sooo fakee." However, the current psychology is completely different. You can't understand what is happening and psychologically, your brain recognizes the police as something reassuring. I just gave it as an example.
Now let's learn the points that we need to pay attention to.
Protecting Against Social Engineering
Let's say you were exposed to a scenario like this.
*Firstly, you can't understand they are police or not from his radio and his speeches. And every police must show identify, so you can ask for it.
*If they start threatening and raise their voice, it means using persuasion psychology. So you can notice it.
*If they a****s eye contact, If they go into detail and use their hand constantly while telling you about the event, this clearly shows that they are lying.
*They can try to scare you, they can say "The situation is bad, Look at her, ..Yeah she is young.."
*They can always try to establish physical contact. For example shaking hands means trust.
I hope this will help, have a good day!
source: https://www.turkhackteam.org/sosyal...nedir-sosyal-muhendislik-kimlar-kullanir.html
I wanted to write about social engineering because it is very misconceived term in our country. We don't need to graduate from any University to become Social Engineer. So, we don't need to wear boring ties.
What is Social Enginering?
Social Engineering is simply to obtain the information, by misleading people. So it depends on persuasion and deception. Well, of course the person who does social engineering isn't directly swindler, but they are qualified liars. Some people can lie, others develop themselves and their skills. If you lie and no one suspects, If you're cold-blooded, that means you have an innate gift for social engineering.
We are not proud of it but Social Engineering is mostly used for fraud in our country. This is an example for classic Social Engineering attack.
+Hi, I am calling from the x bank. I was going to meet R...G..
- Yes sir, I need to ask some questions for confirm.
Well, it goes like this. But when I give the bank sample, I'm pretty sure you all understood that classic social engineering attack. This is fraud, obviously but Social Engineering isn't only limited to this. You can use it to different categories. Hacking, Gathering Information, Intelligence etc.
Who use it?
When I asked this question, most people think this name: "Kevin Mitnick" Well, actually it is true. Kevin Mitnick wrote the book on Social Engineering. I am not joking he wrote the book on Social Engineering. "The Art of Deception"
Mitnick is known as the most famous hacker in the world. There is no state, military or institutional system that he has not entered. But he has a skill that distinguishes it from other hackers. Kevin Mitnick would collect all the information through social engineering. In other words, he was using Social Engineering for Hack.
Not only hackers, also Cyber Security Personals use Social Engineering intensively. Trust me they live among us but we can't see them. Their task is to maintain order and prevent cybercrime. Sometimes they look like a teenager, sometimes they appear as a Terrorist profile in social platforms like Twitter and Facebook. As a result, they proceed to collect information in a different personality.
Cyber Intellingence is another branch that uses social engineering intensively. Cyber security specialist's duty is to take precautions for necessary actions. They are everywhere! They identify themselves differently and collect information.
Social Engineering is mostly used for fraud in our country. It is very easy to use Social Engineering for fraud. It doesn't require knowledge and hard work. Just you need to know how to lie.
Social Engineering Scenario:
Finally, I want to present a scenario on Social Engineering. In this way, you can understand more easily.
-------
You are sleeping at home and suddenly the door knocks.
There are 2 burly man with police clothes in front of the door.
+ Hello, we are coming from the Cyber Crimes Unit.
(Meanwhile, the voice of the radio was deliberately left open and radio is giving information about you.)
- I don't understand, What happened?
-IZBAN was hacked this week. According to the researches, the attack was made here and the IP address is registered in this name: E...T...
- What do you mean, hacked... I was sleeping!
+ Sir, please. We have to confiscate technological devices, then others will bring you to the police station. They will tell you what happened after the necessary research.
(And the cops go with technological devices and they will not be seen again.)
------------------
Now we have written a very simple scenario. Some of you would say "sooo fakee." However, the current psychology is completely different. You can't understand what is happening and psychologically, your brain recognizes the police as something reassuring. I just gave it as an example.
Now let's learn the points that we need to pay attention to.
Protecting Against Social Engineering
Let's say you were exposed to a scenario like this.
*Firstly, you can't understand they are police or not from his radio and his speeches. And every police must show identify, so you can ask for it.
*If they start threatening and raise their voice, it means using persuasion psychology. So you can notice it.
*If they a****s eye contact, If they go into detail and use their hand constantly while telling you about the event, this clearly shows that they are lying.
*They can try to scare you, they can say "The situation is bad, Look at her, ..Yeah she is young.."
*They can always try to establish physical contact. For example shaking hands means trust.
I hope this will help, have a good day!
source: https://www.turkhackteam.org/sosyal...nedir-sosyal-muhendislik-kimlar-kullanir.html
Translator: dRose98