Each day you are influenced by social engineering techniques.
All right, let me clarify. From the perspective of information security, Wikipedia says that social engineering is the psychological coercion of individuals to carry out acts or reveal sensitive information. That is real, but social engineering is not limited to information security; it is something that we all experience every day.
We will explore why social engineering works and how it is used and manipulated by others to manipulate you subtly (or not so subtly) as part of a new series on the psychology of phishing attacks.
We require to know the fundamentals of network security professionals that will enable us to identify them when they appear in skillful latest attacks.
9.Our greatest strengths, our biggest weaknesses
We make a remarkable amount of judgments every day when you split it down, and we speculate about surprisingly less of them, let alone evaluate them.
In our decision-making, these concepts of persuasion explain how we take shortcuts. There’s a great video that shows these ideas in more detail. It’s difficult to make decisions because we don’t have the time, resources, or stamina to analyze each decision thoroughly until we act on it. So for ourselves, we make shortcuts, particularly when it comes to relating to others. Those shortcuts take advantage of Social Engineering. Let’s quickly go over each one.
People are not fond of feeling indebted to others. We prefer to try to repay it when we’re the beneficiary of a favor. The candy at a restaurant with your check has been shown to raise tips. In hopes of gaining your attention and, potentially, your company one day, businesses offer free content on their websites. My favorite instance in his book is one that Cialdini points out.
In 1985, a major quake struck Mexico City, producing billions of dollars in destruction and over 5000 graves. International assistance has come from around the world to support Mexico, but with an especially surprising donation, one country, in particular, stands out. Ethiopia was not in a situation to assist anyone in 1985. They were experiencing drought and hunger. The total assistance sent to Ethiopia in 1985 was about $1 billion. Yet the Ethiopian Red Cross gave $5000 in support to Mexico because, 50 years ago, when Italy attacked, Mexico appeared to Ethiopia’s help.
People are more likely to want stuff that they think is limited in quantity, exclusive, or always available. This is the whole idea behind the McRib, the exclusive limited-time deals on things you didn’t realize you needed, or the clearance sale that car dealerships always seem to have because they’re overcrowded (apparently inventory management of automobiles is tricky).
People don’t love to be unsure. We search for and imitate authority figures naturally. We have a vague concept of what constitutes a figure of authority—for instance, uniforms. When we notice someone in a clinic in a white blazer, we prefer to give their pharmaceutical judgment more importance.
We’re listening to people we need. This idea is why you used to see the beautiful young woman sitting in advertisements on top of a sports car, why compliments will boost the chances of receiving a favor, and why mouthy Twitter feeds are open to some fast-food chains.
People want to see consistent conduct preserved. A small action will lead to larger acts because of this. Cialdini cites an example that I love; a study in which a random sample of individuals was called and asked how they would respond to the American Cancer Society if asked to donate three hours of their time volunteering. The researcher noticed that people said yes (most of them did; who wants to be the guy bristling at the thought of volunteer work?) and later called them back to ask them to volunteer. The American Cancer Society has seen a volunteer rise of 700 percent over its typical efforts.
Individuals lead into doing what they think everyone around them is executing, especially when, in the initial position, they are not sure what to do. When you step into a packed space, and everybody looks at the ceiling, what’s the first thing that’s going to happen to you?
We gravitate toward individuals we perceive as being close to us. This is where nationalism, the family’s bond, and the March of Women all come from. That is also why we share a curiosity with others; we like it; it is something that we have in common.
These concepts are frequently used in conjunction with practice, which we will see when applying them to examples of social engineering techniques in the real world.
Our greatest strengths, our biggest weaknesses
Charles Lively discusses a system of attack vectors in his paper Psychological Dependent Social Engineering, which typically leverages Careless, Comfort Zone, Helpful, and Fear in social engineering. What Lively implies, and where we will spend our next four posts, is that there are fundamental aspects of human nature that attackers manipulate using the influence techniques that we have already discussed. They are more extra than just vectors of the offense or bad conduct; they are components of who we are as individuals, and each has performed a part in forming the culture of today. I’ve translated the classification of Lively into what I call the Four Natures.
Simple Nature: People prefer to filter out data that they view as insignificant
Assistive Nature: People seem to want to be useful
Familiar Nature: Humans prefer, in familiar situations, and let our guard down.
Emotional Nature: People appear to cause feelings to impair or overshadow decision-making.
Network security engineer training is another way of ensuring your internet protection and security.