By Kyomuhendo Esther Diana
Almost every week mass media communicates about hackers having stolen thousands of passwords and other sensitive private information. It is commonplace to read articles about hackers having taken advantage of system vulnerabilities to bypass security barriers in order to fraudulently access private and company networks.
One of the most famous ways of hacking is SOCIAL ENGINEERING.
Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems, or data.
For example, instead of trying to find a software vulnerability, a social engineer might call an employee and pose as an IT support person, trying to trick the employee into divulging his password.
Even if you've got all the bells and whistles when it comes to securing your data center, your cloud deployments, your building's physical security, and you've invested in defensive technologies, have the right security policies and processes in place and measure their effectiveness and continuously improve, still, a crafty social engineer can find his way right through.
Social engineering has proven to be a very successful way for a criminal to "get inside" your organization/ on an individual’s personal life. Once a social engineer has a trusted employee's password, he can simply log in and snoop around for sensitive data. With an access card or code in order to physically get inside a facility, the criminal can access data, steal assets or even harm people.
Sometimes, if the hacker knows the person, he will just send a link that is so related to them just to get the victim to open it. And given the relationship, the victim will be quick to open the link since they trust the sender.
Read more from this link