Social engineering is one of the most interesting and rewarding methodologies in hacking. Requiring almost zero technical and IT skills, social engineering is all about soft skills like convincing and effective communication. The art of social engineering is not a very well-defined process since it all depends on what works on the specific target.
We can however break the whole process into the following methodology:
1. Scope definition: The attacker needs to identify what information or action is needed from the compromised entity. The goals need to be realistic and should raise minimum suspicion. It is important to understand the role of social engineering in your complete plan. There are cases where social engineering is the major phase in the hack cycle, such as the secret question solution extraction in password hacking. It plays a support role in larger hacks, such as network gateway blueprints in organizational network sabotage. The attacker needs to establish what minimal information is required from the target entity and should not get greedy as larger interactions would arise suspicions.
2. Target selection: It is very important to select a relevant target for social engineering to work. It goes without saying that your target should first itself have access to the resources you want to exploit. Also, each person is a unique entity and would need curated interactions. There are a lot of indicators to determine whether an individual could be a viable target or not. These include the job role (gives a fair idea of the access level and authority), office location, social interactions, family history, and so on. Much of this information is publicly available on social media platforms and needs little to no digging.
3. Communication and establishment of trust: The first contact is often the most crucial part of the process. Utmost care is required to avoid any suspicion and to ensure that further communications are seamless. This has somewhat eased in the digital age with a minimum requirement for physical interactions. There may however be cases of actual face-to-face interactions. Another point to be considered here is communication need not necessarily be of a positive tone. Negative reinforcements like urgency and chance of loss tend to make the target let their guard down.
4. Intent expression: This is the time when an attacker starts to actually show intent. This can be as simple as engaging with the target in a game of truth and dare and asking the security question or could be asking the target to immediately pay some charges to avoid the filing of a legal case. The trick here is to make these questions look natural and to mask the actions for as long as required.
5. Intent execution: This is the phase of taking some steps on the resource extracted. Again, these can vary as per the resource. As an attacker, the first step here is to validate the resource. And in case of negative results, there have to be devised plans of tapping back into the channel, if available.
What do you think about the process breakdown.
Also did you know?
Social engineering attacks are the most unique forms of hacking as they involve the maximum creativity and can be carried out at almost all points of human interaction. A staggering 97% of malwares target victims through social engineering, leaving just 3% of them exploiting an exclusively technical vulnerability. With such a huge impact and vast applications, this is perhaps the jack of all trades when it comes to hacking.
Hope this was helpful.