The official definition is “the art and science of getting people to comply to your wishes” which is why it is so fascinating and addictive to people who desire control or power. It is essentially an art in its own right, as very few people can manipulate people, whilst the person not knowing they are being manipulated.

One notorious master of Social Engineering is the famous hacker Kevin Mitnick. Kevin used his skills to gain access to some of the largest corporations in the world. Kevin now does seminars on computer security, helping people avoid some tricks he actually perfected.

One example Mr. Mitnick uses, delightfully illustrates Social Engineering. Kevin picks his target and then carefully waits for weeks on end for a snow storm. When a snow storm occurs, Kevin rings the security guard, distrought, complaining he cannot get to the office to complete a project. He asks the security guard to enter the computer room, and type in a simple command (which unkown to him, creates an administrator account). Mitnick thanks the guard for the help on the 'project' and asks him to print out a file list and return to his office. Mitnick then rings the guard, tells him to throw the file list in the bin, thereby framing the security guard. Mitnick has access to all the information he needs and

With people so worried about software vulnerabilitys, they fail to see that a person can compromise a whole system and render millions of dollars spent on security utterly useless. Although 'Social Engineering' is not a widely used term, you have probably heard of 'phising', which impersonate companys or people, to gain passwords. One such company, Ebay, is particularly a target for attack. The problem is even if it is from sender X@Y.com, it can still be impersonated, to look like it came from Y@X.com .

Social Engineering is also popular through phone attacks, like " Hi I am John at Microsoft Security, we had a report of fake windows versions in the area, please read us your Windows serial, so we can identify it" The hacker the uses the fake serial number and ships it with thousands of fake copys of Windows, thus leaving the trail of evidence pointing to the victim.

Nothing can fully stop Social Engineering, but companys must educate staff and governments the general public, about these kind of attacks and how to avoid them. Awarness is the key to thwarting all the would be hackers.

This Article was written by Neil Grogan (Duey Finster)

About the Author
Neil is a computer expert who runs an information site all about technology and security.

For More Information: http://www.dueyfinster.com

ALL RIGHTS RESERVED ©2005 dueyfinster.com

• Report onthe Growth & Economic Impact of the IT Industry 1940-2010


• Trouble-shooting Hard Drive Problems - Part 2


• User Friendliness: Do Computers Have to be Clinical and Boring?


• The Ultimate Source of Knowledge at Your Fingertips


• The Seven Deadly Habits of a DBA and How to Cure Them


• Use of RFID Technology in Libraries: An Automated Metheod of Circulation, Security, Tracking and...


• 9 Year Cycle; El Nino and Super Computers


• Television on Your Schedule with a Digital Video Recorder (DVR)


• Creating a Backup Plan


• Search and Replace Text in Multiple Files in Only 7 Lines


• Dear Bill Gates, You Clever Fox


• The Apple Power Mac G5


• Bow Lingual Dog Translator - Does it work?


• Review of Olympus W-10 Digital Voice Recorder


• LCD vs Plasma TVs