Defined as “the clever manipulation of the natural human tendency to trust”, especially when the “thing” in question is so friggin’ tempting and all it takes is one click of a mouse button. Wiki describes it a bit more elaborately as “the act of manipulating people into performing actions or divulging confidential information.” Either way, it’s still one of the biggest threats people face while being online.
Long before internet came to Mizoram, there were instances of “primitive” social engineering in the form of snail mail. I remember my late Gramps following up on Reader’s Digests’ assurance of winning some Lakhs if he regularly renews his subscription. It was not such a bad deal, the magazine made a good read, and he didn’t really mind renewing, but unknowingly he was prey to the Magazine’s cleverly concocted scheme to keep their customers’ loyalty. Sure, he didn’t win the huge pile of cash, but I don’t think anybody did, and the disappointment of not winning was forgotten with time. The good ‘ol days… *sigh!
Now the landscape has changed, with most of the educated self-respecting population being net-savvy, access to the internet is fast and easily available, be it from the local cybercafes, home connections, GPRS, piggy-backing on random WLANs, etc. But it also brings evil-doers closer to home, and net users can no longer be ignorant about the looming threats anymore. It is, as has always been, the survival of the fittest.
The time I created my first email account, it was exciting to receive emails, didn’t really mattered who’d sent it or where it came from. Each email was read carefully from top to bottom, even if it didn’t mean anything. More than 10 years on and I’m still using the same email address. I get more spams than readable emails, its like looking for primes in a sea of odd numbers, more so because of my earlier rampant browsing habits (Mostly involves clicking anything that moves and providing information to any form that asks for it!). I guess my old ways are finally catching up with me!
Phishers use cleverly designed emails to lure users into their traps. The first thing they need to establish is your Trust, which is usually done by displaying a valid company logo, your name in the Subject, sending it from a valid First and Last name, etc. Here are 2 such examples, one taken from the internet and the latter from my inbox:
Another way to lure unsuspecting victims is by exploiting something which we all know too well. Money and Porn. The two things that makes us human deep down, no matter how much we may hide behind our carefully crafted facade. We may have been tamed by civilization, but we are still animals, social or not. Enough non-tech for now! The following examples are a clear indication that there are no boundaries, morals or shameful, no stone left unturned by malicious-users to get what they want:
So the next time you open your email, even from a well known friend requesting you to view his/her video, pic, etc or someone offers you money online, check and double-check the link you are about to click. When viruses/spywares/trojans etc. get on the computer, users usually deny ever having attached an infected pen drive, clicking on pop-ups, browsing Porn, etc, but that is history. What kind of a Virus-coder would I be if my creations are easily detected. The moment you plug-in your USB drive, or even when you click on you C:/D: etc, there is an Autorun file which always gets executed in the background, unless you Disable Autorun ! And that is just one of the zillion ways you get infected.
Mum always said that life is all about the choices we make, and that is what makes us who we are. We have the power of Freewill, but it is of no use without knowledge. But now we can have all the information we need, so whenever you are in doubt, don’t bing it, Google!
List of pictures used without permission: