Social Engineering and Social Networks
Social Engineering for those who probably are not aware of, refers to a method of divulging confidential information from people through non-technical means that will allow unauthorized access to a valued system and the information that resides on that. In a few words, this is an attack that normally serves hackers to gain access to enterprise networks or to target individuals, depending on the purpose of the attack.
The purpose of this article is to highlight the importance of privacy security on the Internet and how this is related with social engineering. An example of social engineering attack involves the attacker, the victim and the information retrieval. Imagine that you post on facebook some destinations and places that you have visited and you have described them with enthusiasm. An attacker could exploit this information so as to call you up (find your number in a catalog or even from facebook or send an e-mail). Then the attacker asks you to give your personal information, with the excuse that you’ve won a money price from a lottery, made for a Hotel’s customers, in which you had stayed as long as you were visiting the places you describe in your profile. Probably you might trust him and give him information about you, even your social security number or possibly your bank account. The next step is to call your bank and pretend to be you, claiming that your online account was blocked and you will need a new password. The data