In our modern society "hacking" is a very broadly used word. Many of us overlook simple things that we shouldn't do out of faith and trust in our fellow man. The problem is, most of us aren't exactly the greatest people, a huge number of people focus on themselves. A very large number of black-hat hackers are what is known as "scriptkiddie". They attempt to do damage for personal amusement, which leads me to the purpose of this entry, my dabbling in social engineering, and an attempt to teach people what NOT to do.
Social engineering is when someone emails you something you want, they share a link to something you want, they offer to you something that you want. Could be that breast enlargement email that every last one of us has gotten, or that "you won [insert object here]", maybe even "here is your receipt for that purchase." We've all, at one time or another, clicked these links and fell prey to someones jollies.
On my behalf, I used Facebook, in an attempt to troll my friends. This here, is the main reason, you will find I have no Facebook, not because I was kicked off the site, but because I didn't realize how many people would fall prey to a simple con, and the list of people who kept falling for it.
It was simple to con people, so simple, I hid a hyperlink in every post and gave misleading information that people fell for instantly. I found a new meat spinning diet, I found the new Lemon Party political party, gross and horribly obscene websites that made me giggle whenever someone would click it and get angry at me. Fantastic feeling, got me hooked on trolling, I didn't even know social engineering was a thing at that time and it felt awesome.
Post after post, the same people lining up for the slaughter, all posting that I was a jerk, and me laughing hysterically on my end. How could people fall for this stuff multiple times? I was getting the bug to continue down the road of black hat hacking, I was looking into scripting opportunities so I could get people to fall for really devious traps, I was spending hours researching horrible things to do, SO MUCH FUN I COULD HAVE!!!
Then... I had a surprise commenter whom changed the way I did things, a single person who made me delete Facebook and rethink what I was doing. My grandmother... looked up the political party link, looked up the diet, looked up my horrible horrible posts, my phone rang, I answered, my heart sunk... my screwing with people lead down the wrong path.
This taught me how EASILY people can fall for social engineering, how EASILY it is to take advantage of peoples trust. It would be nice to change this, it would be nice to educate the world in better security tactics.
Social engineering is a serious problem that isn't going away, its only growing and getting more clever as the user base of the internet grows, as time spent online increases. And I implore everyone who reads this, take the time to educate your friends and family to check the source of their email, check where the link is going, and if it seems to good to be true, or way to targeted, don't click it. There people out there who WILL click that link, there are people who will fall prey to these tactics. The people out there doing these social engineering attacks, aren't doing it to send you to a misleading site, they are data mining or trying to get information they don't need.
Look, read, and listen, if you don't know it, don't go to it.
Blogger Comment
Facebook Comment