Email scams are one of the most popular social engineering methods due to the amount of people that can be contacted with the click of a button. Email scams were very effective when they first emerged since many people were new to using email and were caught off guard. Social engineering criminals quickly devised schemes that seemed legitimate with the goal of extracting personal data including social security numbers, account numbers, birthdates, and passwords. Awareness of these scams flooded the public media and reduced the success rate of these attacks. However, email scam methods are still widely used by social engineering criminals and they are getting more sophisticated.
Social integration methods require more expertise to pull off, but are much more difficult to detect. When social engineers are able to gain the trust of their targets and use this confidence against them, they are more likely to gain access to sensitive and protected information. Elaborate social integration methods are deployed by trained professionals such as those involved in espionage. These methods are not likely used by common criminals, but yield significant results when successfully deployed.
Happy New Year to all! We will continue to explore social engineering in subsequent weeks here at The O including targets and the “theft from a distance” philosophy
