The so-called social engineering in the hacker's mouth

Source: Internet
Author: User

A harmful method, such as fraud, injury, and so on, is applied to the victim's mental defects, natural reactions, curiosity, trust, and greed. The method of obtaining its own benefits has become a rapid increase or even a messy trend in recent years. So what is social engineering? It is not the same as the usual fraud method. Social engineering is particularly messy. Even if you think you are the most alert, the same will be compromised by superb social engineering methods. The trap of social engineering is that the secrets of the user system are usually extracted from legal users by means of conversation, fraud, impersonation, or vernacular. Social engineering is a different level of approach from common fraud and fraud. A method of thinking and tactics to collect a lot of information about the actual situation of the other party due to the need of social engineering

What is my social engineering question raised by a brother who does not want to disclose his name? How do I view the social engineering they are currently using:

The opinions of social workers on their own are different from those on their own. Moreover, social workers are very popular. The fortune teller, salesman, and even shop assistants on the street will also look at the scenes and get your mind. Then retrieve your "weakness ". Most social workers in today's social workers and hackers think that they collect data and collect materials, how can a so-called social worker who does not communicate with each other talk about social engineering?

Then the brother sent me a very valuable article. I think this article is really excellent. So I extracted the following content:

Author of an article: xiaoya

Long-term social engineering:

Some people always think that, for long-term social workers, you have to stay in front of the policy figures for a long time. You may not need to spend a month doing this, you have already asked all the questions you want to ask, but you still cannot get the materials in the center. Why? Because you are too born. I am not familiar with the so-called taisheng. I have no heavyweight title in this company. As a Social Engineer, What is the title of HE? I usually assume that I create a title based on the company's needs, embed it in an internal communication group, and mail server. In view of the title, I think that this is based on experience, I personally think. How can we embed it? I usually collect materials first, then compile the title, embed it into the internal communication group, and learn about third-party Communication and mailing services. Then I try to embed it into the mail service. The first intention is to embed the mail server, be able to learn the notifications of major events of the company, and then be able to learn the related hearsay in the internal group. In this way, I will be able to get the complete materials of common actions of most companies. This will allow me to smoothly communicate with policy figures in the future. There will be no shells due to some issues, and some internal information can increase trust.

Waiting for an ambush for a long period of time is always based on the days of normal employees. They are bored in making speeches and talking about what to say. Always wait for the appropriate key, and then communicate with the policy personnel to obtain relevant information. The key to being appropriate is not clear here. I think it is appropriate. Of course, we usually also need to communicate with the principles, but have a good grasp of them. The heart cannot eat hot tofu. I think this sentence is a very important advice for the long term.

Instant combat social engineering:

Why am I taking it for "instant combat social engineering "? I think our common social workers usually need to perform quick operations, such as domain name social workers. We need to take quick actions and press the customer service to help me with relevant operations to prevent long periods of time and various customer service confirmations, the loss of social engineering .. In an instant, I will not describe any examples here. If you want a friend who is supportive of the article to go to to see relevant articles, I think the articles here are all very quality, although there are not many, there are indeed many excellent articles

As an instant war social worker, we need to prepare a few items, such as policy email, QQ, name, common code, common accounts, ID card information, and mobile phone number .. These items are collected as much as they can. Depending on the situation, I am a social worker. I usually only use two ideas: Getting trust and pretending. What I have to say here is not the art of fraud, but the tip of heaven. It is very important to talk about things. If you say too much, it seems frivolous. If you say less, you cannot attract the other party. I personally think that it is a matter of chatting with scammers to learn how to lie to you, and then to cheat others in the same way. Of course, we have a proper way, if the intention is reached, you can just let it go. If you want to continue, I 'd like to say, you can do it now. Don't play with the club. Lie to me. If you are not sure, you cannot do it. If you lose a few times, you will naturally know where it is. I have forgotten the number of times I lose, but I like to ask the other party how to find it, ask the other party if I have exposed myself in the conversation language. Learn from your experience and never commit again next time.

As a social worker, I once believed that I could succeed without giving up my policy. Later, I found that I was too confident in trying my best to use this word, and my mind was not very quiet online. Later, I gradually learned that I did not carry out any social engineering work with great intentions. I first put my mission on the right, and then used my left brain to talk about things. After waiting for a proper time, I moved my mission out again. In fact, I later found that the subconscious of many social workers has shown the shadows of my mission. As the Mission is now in my mind, when talking about things, the subconscious will gradually move toward the mission.

Summary: today, there are many legendary social engineering emperors. Many people use their so-called social engineering to take orders to earn money, but are you really a social engineering engineer? Just checked the database? What about baidu and google? Then it is called a social engineering? That night, I chatted with the brother who did not want to disclose his name for a long time. He also showed me an article about some so-called social workers, he ran his social engineering pants and baidu his materials with his account, and then wrote a social engineering article? Is it social engineering? If you think I'm not talking about it, let's look back at the social engineering introduction. Did he say that the first one is collecting materials, and the second one is asking for thinking and tactics, is there a need to communicate? Do you still have the ability to communicate with him without touching the goal of social engineering?

I used to write my first article, "failed social engineering, unexpected harvest", on my own. I have always thought that this is a social engineering job and I have contributed to it. Later, I found that this was not a social worker. I just checked the database and guessed the password. Then? I have never touched the target of a social engineering employee. Now this article is only saved on a USB flash drive and has never been taken out.

Previously, social engineering was called the art of fraud. Today, most social workers on the market, I call it the art of installation, right or wrong.

The above is just what I observed and summarized. It's just your own point of view.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.