- Analysis: Analysis is one of important factor at any stage of life as well as in penetration testing. If an attacker wants to performs social engineering attack at any corporate structure first requirement is to analyse the human behaviour of employees and officers . Once the attacker can successfully analyse and finds a vulnerable target , attacker can successfully perform the attack . Hence before targeting any random human , an attacker needs to analyse the whole target structure.
- Selection: After careful assessment now attacker selects the most vulnerable human with which he can perform social engineering and can get some sensitive information . While selecting sometimes attacker choose medium or least vulnerable person if the position of that person is higher Hence for successful attack an attacker needs to choose the target person very carefully.
- Maintain relationship: Once attacker knows his target he tries to make good relationship with the target. Directly or indirectly attackers comes to contact with the target and tries to take his faith and trust . In this phase the motive of attacker is to gain trust of the target . Once starts believing in attacker it quite easy to performs social engineering attacks .
- Attack : This is the ultimate phase in this phase an attacker performs attack which may be in-person or live attack . Attacker tries to gain sensitive information from the target by the sake of faith and trust . If the attacker is able to maintain good relationship he can exploit and gain access to the sensitive information .
These are thye simple process which is followed by an attacker while performing . A hacker never go off the track , he follow the process because if something got missed there are chance of being caught .
1 Comment