Over the last decade cyber-security and security awareness has become an important tool for many businesses. Cyber criminals are using computer software as a technique to steal secret information from individuals and companies. Social engineering is a form of cyber crime in which criminals attempt to obtain secret information from their victims through deception and persuasion techniques. This data is later used for identity theft or to access sensitive computer systems.
Phishing is a form of social engineering that uses false information to obtain personal data on an individual. This is typically done by sending an email that requires an individual to respond with his bank account number and password or other sensitive personal data. The thief will then lead the individual to an Internet application that will save the personal data. This data will be used later for fraudulent purposes.
Malware is another technique that is widely used in social engineering. This is a form of software that is intended to nest itself inside an enterprise. The software may lie dormant for several months, but when it becomes active emails and private files can be pulled from files systems and sent through telecommunication lines to the criminal organization. Malware can come in many forms but it is typically activated by opening an email attachment file.
Communicating in social networking sites has become popular for many individuals. These social environments are an area in which criminals thrive. Con artists can obtain and use information from social network communities for devious purposes, which is something frequent social networking site users should keep in mind.
Social networking sites are also used as an advertising ground for illegitimate websites. Having a user unknowingly select a website as a preferred link makes other users in the social community try it. This fraudulent advertising scheme is used widely by criminals as a way of putting worms or viruses on thousands of computers.
Vishing is a new form of social engineering that uses false voice mails to trap consumers. These voice mails claim to be emergency calls from banks or credit companies about suspicious activities with the consumers account. When the consumer calls back he is asked for bank account information for verification purposes. This information is then stolen by the vishing expert and later used for credit and bank fraud purposes.