Social engineering is considered to be a taboo subject in nowadays society. It involves the use of social skills or to obtain usernames, passwords, credit card data, or to compromise or altering the information and systems of an entity. Social engineering methods are numerous and people using it are extremely ingenious and adaptable. This technique takes advantage of the intrinsic nature of mankind, to manipulate and obtain sensitive information, persuading people into divulge it, using exceptional communication skills. Thus, five models of persuasion were identified, based on: simplicity, interest, incongruity, confidence and empathy, exploiting key factors which predispose people to fall victim to attacks of social engineering such as greed, self-interest, guilt or ignorance. It is well known fact that security is as strong as the weakest link in its chain (individuals) therefore, beyond technical measures, staff training is the key to success in defending against such attacks.
Întreg articolul poate fi consultat la adresa: Informatica Economică vol. 18, no. 2/2014
The society of 21st century has been defined as being based primarily on knowledge. Furthermore it has been founded on the exchange of data between all fields of activity. Nowadays, the amount of information held is directly proportional to the power that an individual can have on others; therefore, a very important aspect is not only acquiring but also protecting it from potential attacks. The emergence of numerous systems and protection mechanisms seemed to have solved the security problems. However, it has been discovered that the crucial element as remained the individual and not the machine, that installing the latest applications does not guarantee a complete protection of the system as it is not necessary to force it to infiltrate yourself, it is easier to get the information needed using persuasion or goodwill. Social engineering is a set of methods by which an individual or group of individuals are manipulated to provide access to certain information or to print a certain behavior.
Persuasion Seen as the Art of Manipulation
“People will do anything for those who encourage their dreams, justify their failures, allay their fears, confirm their suspicions and help them throw rocks at their enemies.”