Social Engineering Attack: All You Need To Know And It’s Prevention

social-engineering-attack-hacking

Hey, it’s a Monday evening and you’re sitting down with some snacks in a mog,
And now you switch on your device data connection and you got excited to see an old friend of yours sent a friend request,
“Fantastic!” you think finally am not gonna be bored again,cause you have got alot to discuss with your friend,and after clicking on the notification,your messenger or social network menu comes up and after a few time loading you got a freezing message “session expired”, “session logout”, “please verify your number”, “you have been logged out”.
Then you feel down and got your snacks mog slammed on the floor after some few attempt to login, you realized your account has been hacked!!!.
The question that runs first into your mind is, How did this hacker manage to hack my account??.
I didn’t login into anywhere nor expose my passwords,
lol man, a social engineering attack has been played on you,anyway don’t panic that’s not the end of life.
So in this article today I will explain deeply to you the following👇👇

  • How Hackers Make Use Of Social Engineering.
  • What is SEToolkit and all you need to know about it.
  • How to keep ourselves safe/remedies from social Engineering attack.
But before we move onto that, let’s briefly explain what social engineering means

What is Social Engineering??

Social Engineering is the act of manipulating people mind/playing on thier intelligence so they give confidential information and it relies heavily on human interactions,see also what Wiki says About Social Engineering.
Social Engineering
Now,

How do hackers make use of social engineering??

The fact here is that Hackers can never complete an hacking mission without  making use of social Engineering, ask me why??
Now we all know that facebook hacking is growing widely now adays, so an hacker is asked to help in hacking a Facebook account, let me tell you the truth,
He/she has no special tool to help hack facebook Account except if he/she knows about ss7 exploits/attacks only and it’s rare to see the tools around, but to pro hackers is shouod be easy,ss7 is not a tool available to the mass, See How To Hack Facebook account Using Ss7 apart from that he has no tool to help you hack the Facebook account,that’s just one hint, so what will he or she do, the hacker will make use of social engineering..
Note:- We are just making use of facebook social network account as example
Here is how many Hackers made a successful hacking mission
  1. They would make some observation on the victims account,his profile,his friend list,his uploaded pictures,areas of interest, and this process is called INFORMATION GATHERING
  2. Now the hacker will note your area of interest,and now it’s the aproaching time,they will send you a gentle friend request,and after 2 to 3 days,they hook you up with something like “Hey Benson,it’s been long”,
    Social Engineering attack

    that word is like a killing word and now you start up conversation with them.

  3. After some few days or weeks,after which they grab your trust,the next thing they do is send a phishing link, malicious apps e.g keyloggers,spyware, let’s take for example you are a game lover,you loves to play online games,
    Social Engineering attack

    they will come to you with a game phishing link that will require you to login in your account credentials before you can play the game,lol but to me I name this method “WE USE THIER GREED TO GET THEM” but it could still be categoried under phishing attack or keylogging attack.

And you see the victim Is finally hacked, and the hackers gets paid,
Also we have those hackers that get victim account hacked using dictionary attack (Brute Force Attack) this method also requires Social Engineering,
The hacker can just grab your contact details and just call you with a fake number and ask you for some of your details which they will use in creating the password word list to bruteforce your account but this method is always a 50/50.
See this below image, I hope it explains better.
social-engineering-attack-layout
I hope now you can see that Hackers can’t do without social engineering,so let’s discuss about SEToolkit..

What is SEToolkit??

setoolkit
SEToolkit is an open source penetration testing framework that is developed by David Kennedy (ReL1K) to helps social Engineering attack easy.
For Kali linux users ,SEToolkit is a pre-installed tools but for Android lovers who is using Termux,GNUroot and so on Here is How To Install SET On Your Android terminals

setoolkit

How do we prevent ourselves from social Engineering attack??

You and I know social engineering attack is something you can’t say “hmm,THIS IS A SOCIAL ENGINEERING ATTACK/PLAN“,
even your closet friend might be a social engineer whose aim is to get your credentials details,that’s all,they aiint your friends. They will disappear after they lay thier hands on what they want.
Here are remedies have been using so far that has been helping out.
  1. Tighten Up your privacy,that’s the first, not all friend requests you see you accept,filter messages you reply too,don’t just trust any messages you see.
  2. Never ever click on links that requires you to login your details, don’t ever click on links that don’t have https://, visit those with https:// only.
    https connection
  3. Reduce the information you provided about your self on social network.
  4. don’t ever make use of cheap and guessable password,use password that will takes an hacker more than a year to crack e.g add @#$&+- things like this to your passwords.
  5. And lastly trust no one..
With this 5 remedies ,I guarantee you 80-90% safety from social Engineering attack.
Kindly comment and hit the share button if you find this post usefull.

LEAVE A REPLY

Please enter your comment!
Please enter your name here