Social Engineering is a technique which releases securities through human conducts.
For example, if an information system blocks the third person by checking ID and passwords, in social engineering, people finds out a formal person and pump from he/she. Concretely,
1). pretend a maintenance man of the system, and tell the fake information that is about the broke down of the system. And ask passwords and ID.
2). pretend a both, and ask those information as a task for the business.
3). eavesdrop a conversation of those information.
and so on.
To prevent social engineering, it is needed to educate user of the information system and maintenance man. To build a strict rule for the information releasing in a organization is effective to stop social engineering.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment