Resources & Publications

29 September 2014

Computer Based Social Engineering Attacks

Out of the blue you receive an email informing you about a large sum of money that is trapped in a foreign bank account a wealthy politician has died leaving a large sum of money. The sender is asking your help to transfer the money out of the country. You will receive a huge reward as well. The sender asks you to give them your bank account details to transfer the money then asks you to pay transfer fee/tax to transfer money out of the country. This fee may start with a small amount but will increase. The criminal will make up new fees that is necessary to be paid to receive your reward. It does not matter how much you pay, you will never receive your reward. This is a “scam” a type of social engineering and this particular scam is commonly known as “419 scam” an advanced fee fraud.

Criminals can use sophisticated attacks to gain access to your computer or trick you and obtain money. But they have another easier and non sophisticated tool in their arsenal called “social engineering”. Social engineering uses human interaction(social skills) and obtains confidential information. The obtained information is then used in accessing the user accounts or according to the above example the user is tricked in obtaining money.

Social engineering attacks may be divided into two categories.

  1. Computer based social engineering.
  2. Human based social engineering.

Computer based social engineering attacks may include the below.

  • Email attachments
  • Fake websites
  • Pop-up windows

On-line Scams

Emails sent by scammers may have attachments that include malicious code inside the attachment. Those attachments may include Keyloggers to capture users passwords,Viruses, Trojans, or worms.

Worm attacks

Attackers will trick users to click on a link or download a file then click on it, the executable file is a worm and will propagate from computer to computer copying itself.

A well known example is the “LoveLetter” worm that comes as an attachment in an email. The email requests the user to open an attachment in an email. When the users opens the attachment the worm copies itself to all the contacts in the users address book. This worm overloaded a huge number of email servers in the year 2000.

Sometimes pop-up windows can also be used in social engineering attacks. pop-up windows that advertise special offers may tempt users to unintentionally install malicious software.

Phishing attacks

This type of social engineering attack commonly uses emails to trick users in getting credentials to their bank accounts or maybe email accounts. The email mostly claims to be from a well known source, a highly reputed organization, and asks the user to click on a link that takes the users to a site similar to the organizations web site but this site is a fraudulent website that harvests users credentials. The fraudsters use these credentials to gain access to bank or email accounts and steal important information and money.

How to avoid being a victim

  • Do not input confidential information into websites without checking the website security.
  • Make sure the site is legitimate by checking the URL of the web site.
  • Do not click on links inside suspicious emails.
  • Fraudsters may even use events such as natural disasters(Asian Tsunami, Hurricane Katrina) or popular events(Olympics) for their benefit, be aware.
  • If you are unsure of the legitimacy of an email try calling the company directly with the use of contact information used previously.
  • Do not click or download suspicious attachments from email senders that you have not heard before.
  • Use email filters, firewalls,virus guards to reduce the threat.
  • When you are on the web, be aware that pop-ups that advertise bargains may request you to install malicious software to claim prices.

What can you do if you are a victim

  • If you think you have entered your user id and password to a fraudulent website change your password as soon as possible.
  • Inform the necessary authorities of the fraudulent object.
  • If financial information have been compromised, close down or lock account to prevent harm.