Question

Social networks have become popular media among individuals of all ages to stay connected with friends, family, colleagues and coworkers. However, many users are unaware of the dangers of sharing vast amount of personal information on social networks.

• How can social networking be used to facilitate social engineering attacks?
• What can individuals and organizations do to secure personal and proprietary information from these attacks?

Answer 1

1). ANSWER :

GIVENTHAT :

Social engineering is a technique to get people personal information without the consent of the person. The information they need to get can be anything like personal phone number, emails, bank account details, photographs etc.

Some of the common social engineering attacks can be :-

1. Email from a friend once the criminal gets access to your email they can access your friend list and send them any email containing a link which can hack into their system as well.
2. They can ask your list for urgent help and they won’t be aware your account his hacked which in turn can lead to sending money to criminals
3. Ask for the donation to the trust or something like that.
4. Phishing they tend to use shortened URLs or embed links that redirect users to sites that appear legitimate
5. Notify you are a winner of a lottery and you need to send your bank account details.
6. Sending you a download to software which can steal private information.
7. Baiting which is a new way of phishing attempts

Inorder to secure information from these attacks one should take some of the steps as below

1. Plan the training: Ensure all people learn the security policies and procedures
2. Don’t install random softwares and mostly received through emails
3. Scan for virus every attachment you receive and after that open it
4. Don’t keep the same password for all things
5. Whenever you receive any offer first get it verified.
6. Set your spam filters high.
7. Install anti virus software, firewalls, email filters and keep these up-to-date