Social Engineering – per·sua·sion, pərˈswāZHən | manipulation – muh-nip-yuh-ley-shuh n | coerce (kō-ûrs′)
First of all, what is social engineering?
Social engineering is the art of manipulating, persuading, coercing people so they give up confidential information or access to systems. The types of information these criminals are seeking can vary, but when individuals are targeted the criminals are usually trying to trick you into giving them your passwords or bank information, or access your computer to secretly install malicious software–that will give them access to your passwords and bank information as well as giving them control over your computer.
You can simply call it a con-game or a confidence scheme but social engineering is integral to hacking into company assets. And this is where the “nerd” sphere disappears and we enter the mindset of people that may not have tip top technical skills.
To be clear, it does not require a “techie” to steal data from a company nor has it ever. Kevin Mitnick and folks in his realm did not rely soly on the keyboard and mouse. Human interaction is vital.
Call it human pressure points. (Chinese: 穴位; Japanese: kyūsho 急所 “vital point, tender spot”; Telugu: మర్మ స్థానం Marma Sthanam; Malayalam: മര്മ്മം marmam; Tamil: வர்மம் varmam) derives from the meridian points in Traditional Chinese Medicine, and in the field of martial arts, and refers to an area on the human body that may produce significant pain or other effects when manipulated in a specific manner.
What “other effects” could your organization suffer if human pressure points were applied?
I was going to post a few videos and/or articles about effective social engineering but I came across this video that says pretty much all there is to say. And it is humerous:
Jock Pereira | jockpereira.com | firstname.lastname@example.org | 978-666-4000