Social Engineering Techniques

Jun 22, 2024

Social Engineering Techniques

Misinformation and Disinformation

  • Definition: Factually incorrect details designed to divide or confuse.
  • Difference from Opinion: Based on false information rather than differing viewpoints.
  • Purpose:
    • Persuade people to believe falsehoods.
    • Distract from damaging truths.
  • Common Platforms: Social media.
  • Documented Cases: Often involve third-party governments or nation-states.

Influence Campaigns

  • Characteristics:
    • Typically revolve around political or social issues.
  • Execution:
    • Use of advertising and social media tools.

Misinformation Process

  1. Creation of Fake Accounts:
    • Attackers create multiple accounts with fake users.
  2. Posting Content:
    • Fake account posts misinformation online.
  3. Amplification through Social Media:
    • Use of like, share, and follow options.
    • Social media algorithms further share popular posts.
  4. Mass Media Involvement:
    • Once popular, mass media may cover the misinformation, further spreading it.

Social Engineering via Brand Names

  • Technique:
    • Impersonate well-known brand names (e.g., Coca-Cola, McDonald’s).
  • Execution:
    • Create multiple fake websites with these brand names.
  • Search Engine Manipulation:
    • Google indexes fake sites.
    • Users searching for legitimate sites may be redirected to fake ones.
  • Consequences:
    • Display of malicious popups or images.
    • Possible malware infection, leading to:
      • Display of ads.
      • Tracking of site visits.
      • Data exfiltration.