Social Engineeing

WHAT IS SOCIAL ENGINEERING??

Social engineering is the act of stealing important information for security such as ID or password, and it is also called social hacking or social cracking. As well as managers of the systems, normal users are often aimed, for they do not have enough knowledge and consciousness of the danger.

The methods to collect information are different from normal hackers who enter systems secretly: they use "social" or physical method. For example, they try to steal a look at proper users typing password over shoulder or eavesdrop on them in a public situation. Another way to get information is to talk to the user directory pretending to be a system manager, another member of the group, or a customer. Also, the trash from office can be the information source, for it is easy to restore the paper with important information even if they are broken up by shredder.

It is required for users to be aware of the danger of social engineering to protect their precious information. First, be careful not to tell such information easily if you asked, for others, including the managers of system do not have to know users' password. Second, if you have to inform such information, make sure that the person you are talking is the person you think. Finally, control important information strictly! These are necessary to survive this highly information-oriented society, without being caught up in a crime.