Hackers may infect one or more USB drives with a virus or Trojan, that when run, will provide hackers with access to logins, passwords, and information on the user's computer or the network the computer is connected to. Hackers can also use USB drives to gain access to sensitive information kept on a computer or network. The user provides the required information and the problem seems to be solved. The user contacts this aide and is then prompted to give sensitive information to them in order to fix the problem. This is when a hacker poses as a technical aide to fix a computer problem which they actually created, or which doesn't exist.
They request that the user verify their user name, password and user ID either by responding to the email or by clicking on a link that directs the user to a legitimate looking, but fake website. For instance, a hacker will send a fraudulent email claiming to be a banking institution, credit card company or department store, etc. Hackers often try to trick users into providing sensitive information via email, instant messaging, chat rooms or social networking sites, etc. Also known as trashing, this is when a hacker searches for sensitive information (e.g., bank statements, pre-approved credit cards and student loans) in the garbage. They could use positions of authority such as impersonating a phone company representative or a bank representative.ĭumpster Diving. A hacker calls pretending to be someone in a position of authority to persuade the user into providing sensitive information. There are a variety of tactics used in social engineering, some of which are: Social Engineering is thus described as a non-technical intrusion that relies on human interaction and often involves tricking other people into breaking normal security procedures. If you respond to this phishing email with the requested information, you will have given a hacker access to your email and to personally identifiable information (PII) located within your account.
In order to prevent this from happening, you are prompted to provide personal information such as your user ID, password and full name. For instance, you receive an email explaining that your Yahoo account is about to be disconnected. When users receive phishing email through certain techniques, it is often called social engineering.