The Anatomy of a Social Engineering Attack

In this blog, we are going to discuss social engineering attacks. Social engineering is a powerful tool in the arsenal of cybercriminals. Unlike technical exploits that target software vulnerabilities, social engineering attacks exploit human psychology to gain access to sensitive information or systems.

Social Engineering

Social engineering is a manipulation technique that exploits human psychology to gain access to confidential information, unauthorized systems, or perform fraudulent actions. It is a broad term that encompasses various malicious activities accomplished through human interactions, often relying on tricking people into breaking standard security procedures.

Stages of Social Engineering

  1. Research: The attacker gathers information about the target, such as their social media profiles, public records and interests. In this stage the attacker also plans the social engineering attack and crafts the message, email, etc.
  2. Hook: After gathering information about the victim, the goal is to build enough trust to get them to perform the desired action. Common methods include:
    • Phishing Emails: Fraudulent emails that appear to come from trusted sources.
    • Phone Calls: Calls posing as technical support, customer service, or other authoritative figures.
    • Impersonation: Physical encounters where the attacker impersonates someone the target trusts.
  3. Play: During the play phase, the attacker exploits the established trust to achieve their objective. This involves:
    • Extracting Information
    • Delivering Malware
    • Gaining Physical Access
  4. Exit: After achieving their goal, the attacker disengages in a manner that minimizes suspicion and covers their tracks. This phase ensures that the target does not realize they have been manipulated, allowing the attacker to use the gained information or access without immediate detection.

Types of Social Engineering

The following are common types of social engineering:

  1. Phishing: Phishing is a cyberattack that leverages email, phone, SMS, social media or other forms of personal communication to entice users to click a malicious link, download infected files or reveal personal information, such as passwords or account numbers.
  2. Whaling: A whaling attack is a type of phishing attack aimed at high-profile individuals such as executives; it likewise leverages personal communication to gain access to the user's device or personal information.
  3. Baiting: Baiting is a type of social engineering attack wherein scammers make false promises to users in order to lure them into revealing personal information or installing malware on the system.
  4. Smishing: SMS-phishing, or smishing, is a social engineering attack conducted specifically through SMS messages. In this attack, scammers attempt to lure the user into clicking on a link which directs them to a malicious site. Once on the site, the victim is then prompted to download malicious software and content.
  5. Honeytrap: A honeytrap attack is a social engineering technique that specifically targets individuals looking for online dating websites or social media.

Case Study

Six days ago, an email landed in my inbox showing me that my Facebook had been hacked💀 and all of my security measures had been rolled back. And the funny thing is, all of this was in the Vietnamese language.

Email I Received

Here is the screenshot of the phishing email I received:

image

Analysis of the Email

This is my analysis of the received email:

image

Analysis Breakdown Points

  1. Legitimate Sender Address: The email appears to come from security@facebookmail.com, which looks legitimate at first glance.
  2. Generic Greeting: The email addresses me as "Hello Saqlain," which is somewhat generic but personalized enough to seem authentic.
  3. Urgency and Fear Tactic: The message creates a sense of urgency and fear by stating that my account has been accessed without authorization.
  4. Immediate Action: It urges immediate action to "Protect your account now" by clicking a button, a common tactic to prompt quick and unconsidered responses.
  5. Kind Gesture: The email ends with a kind gesture from "Facebook's security team" to build trust.
  6. Anomaly: The email contains an anomaly as all the content is in Vietnamese, which raises suspicion since my account language settings are different.
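The six breakdown points above can be turned into mechanical checks that a mail gateway or an analyst's triage script would run before anyone clicks. The script below is an added example written for this post, not code from the original article: it parses a raw message with Python's standard `email` library and flags a mismatch between the visible From: domain and the envelope Return-Path, SPF/DKIM verdicts that are not "pass", urgency phrases in the body, links whose host is not under the sender's domain, and a Content-Language that differs from the language the recipient expects. Both sample messages (the suspicious one and a benign one for contrast), their `.test` domains, the `Authentication-Results` values and the `www.facebookmail.com` link are constructed for illustration; only `security@facebookmail.com` comes from the case study.

```python
"""Score a raw email for the phishing indicators from the case study.

Added example; the messages below are constructed sample data, not real
traffic. Only the address security@facebookmail.com is taken from the post.
"""
import re
from email import policy
from email.parser import BytesParser
from urllib.parse import urlparse

# Phrases that pressure the reader into acting before thinking.
URGENCY_PHRASES = (
    "without authorization", "protect your account now", "immediately",
    "suspended", "within 24 hours",
)

# Constructed suspicious message: the visible From: uses the brand domain,
# but the envelope sender, SPF/DKIM results, link target and language do not.
SAMPLE_EMAIL = b"""\
Return-Path: <bounce@mail.example-notify.test>
Authentication-Results: mx.example.test; spf=fail smtp.mailfrom=mail.example-notify.test; dkim=none
From: "Facebook Security" <security@facebookmail.com>
To: <saqlain@example.test>
Subject: Tai khoan cua ban da bi truy cap trai phep
Content-Language: vi
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Hello Saqlain,</p>
<p>Your account was accessed without authorization. Protect your account now.</p>
<a href="http://login.example-notify.test/fb">Protect your account now</a>
<p>Thanks, Facebook's security team</p>
</body></html>
"""

# Constructed benign message for contrast: everything lines up.
BENIGN_EMAIL = b"""\
Return-Path: <noreply@facebookmail.com>
Authentication-Results: mx.example.test; spf=pass smtp.mailfrom=facebookmail.com; dkim=pass header.d=facebookmail.com
From: "Facebook" <security@facebookmail.com>
To: <saqlain@example.test>
Subject: Your weekly summary
Content-Language: en
Content-Type: text/html; charset="utf-8"

<html><body><p>Hello Saqlain,</p><p>Here is your weekly summary.</p>
<a href="https://www.facebookmail.com/summary">View summary</a></body></html>
"""


def _domain_of(header_value):
    """Domain part of the first address in a header, lower-cased ('' if none)."""
    m = re.search(r"@([\w.-]+)", str(header_value or ""))
    return m.group(1).lower().rstrip(".") if m else ""


def _verdict(auth_results, mechanism):
    """Extract e.g. 'pass'/'fail'/'none' for spf= or dkim= from Authentication-Results."""
    m = re.search(rf"{mechanism}=(\w+)", auth_results)
    return m.group(1).lower() if m else "none"


def _under(host, domain):
    """True if host equals domain or is a subdomain of it."""
    return bool(host) and (host == domain or host.endswith("." + domain))


def analyse(raw, expected_language="en"):
    """Return the indicators found in a raw RFC 5322 message and a simple score."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_domain = _domain_of(msg["From"])
    findings = []

    # Point 1: the visible sender must agree with the envelope sender and with
    # the SPF/DKIM verdicts recorded by the receiving mail server.
    if _domain_of(msg["Return-Path"]) != from_domain:
        findings.append("return_path_mismatch")
    auth = str(msg["Authentication-Results"] or "")
    spf, dkim = _verdict(auth, "spf"), _verdict(auth, "dkim")
    if spf != "pass":
        findings.append("spf_not_pass")
    if dkim != "pass":
        findings.append("dkim_not_pass")

    body_part = msg.get_body(preferencelist=("html", "plain"))
    body = body_part.get_content() if body_part else ""

    # Points 3 and 4: urgency and fear wording that pushes for immediate action.
    if any(p in body.lower() for p in URGENCY_PHRASES):
        findings.append("urgency_language")

    # Point 4 (the button): any link whose host is not under the sender's domain.
    for href in re.findall(r'href="([^"]+)"', body):
        if not _under((urlparse(href).hostname or "").lower(), from_domain):
            findings.append("link_domain_mismatch")
            break

    # Point 6: content language that differs from what the recipient expects.
    lang = str(msg["Content-Language"] or "").lower()
    if lang and not lang.startswith(expected_language):
        findings.append("language_mismatch")

    return {"from_domain": from_domain, "spf": spf, "dkim": dkim,
            "findings": findings, "score": len(findings)}


if __name__ == "__main__":
    for name, raw in (("suspicious", SAMPLE_EMAIL), ("benign", BENIGN_EMAIL)):
        print(name, analyse(raw))
```

The score is deliberately a plain count of independent indicators rather than a weighted model: the point of the exercise is that none of these checks needs the recipient to "feel" that something is off, since the envelope sender, the authentication verdicts and the link host are all visible in headers that the email client normally hides.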

Recent Flashbacks

Social engineering attacks have caused significant damage to nations by targeting government agencies, critical infrastructure, and large corporations. Here are a few notable examples:

  1. Ukraine Power Grid Attack (2015)
  2. APT-28 & APT-29
  3. The 2016 U.S. Presidential Election
  4. Stuxnet

Conclusion

Social engineering is a significant threat in today's digital landscape. By understanding the tactics used by attackers and implementing robust security measures, individuals and organizations can better protect themselves from falling victim to these deceptive attacks. Stay vigilant and always verify before you trust.


If you like this blog, follow me on GitHub and LinkedIn. A supporter is worth a thousand followers: Buy Me a Coffee.