How Social Engineering Works

Social engineering refers to the techniques cybercriminals use to trick their victims into launching malicious files on their computers, opening a link to an infected website, or sending criminals their private data. It is often performed by gaining the confidence of unwary users or appealing for help, and subsequently infecting their computer or device using various methods. A few forms of social engineering to be aware of include:

  • Spam email sent en masse and infected with malicious software.
  • Phishing scams involve sending out emails and texts that are disguised as coming from authoritative and trusted sources but secretly contain malware. These emails and texts are designed to trick the victim into infecting their computer or device with the malicious software. They can also be used to trick the victim into giving away sensitive personal information.
  • Spear phishing involves phishing scams targeted towards specific individuals or organizations.
  • Baiting is another form of social engineering that involves leaving a malware-infected CD-ROM, flash drive or other device in a place that’s easy to find, luring whoever finds it into loading the device onto their computer and infecting it with malware.

Users of all types of computers and mobile devices should keep a wary eye out for social engineering tricks. In recent years, social engineering tactics have grown increasingly complex and increasingly targeted at newer devices such as smartphones and Android devices, creating a new urgency to be both watchful and up to date in terms of malware security.

Malware link delivery channels

Links to infected sites can be sent via email, ICQ, and other IM systems – or even via IRC Internet chat rooms. Mobile viruses are often delivered by SMS message.

Whichever delivery method is used, the message will usually contain eye-catching or intriguing words that encourage the unsuspecting user to click on the link. This method of penetrating a system can allow the malware to bypass the mail server’s antivirus filters.

Peer-to-Peer (P2P) network attacks

P2P networks are also used to distribute malware. A worm or a Trojan virus will appear on the P2P network, but will be named in a way that’s likely to attract attention and get users to download and launch the file – for example:

  • AIM & AOL Password Hacker.exe
  • Microsoft CD Key Generator.exe
  • PornStar3D.exe
  • Play Station emulator crack.exe

Ensuring victims don’t report the malware infection

In some cases, the malware creators and distributors take steps that reduce the likelihood of victims reporting an infection:

Victims may respond to a fake offer of a free utility or a guide that promises:

  • Free Internet or mobile communications access
  • The chance to download a credit card number generator
  • A method to increase the victim’s online account balance… or other illegal benefits

In these cases, when the download turns out to be a Trojan virus, the victim will be keen to avoid disclosing their own illegal intentions. Hence, the victim will probably not report the infection to any law enforcement agencies.

Another example of this technique was the Trojan virus that was sent to email addresses taken from a recruitment website. People who had registered on the site received fake job offers – but the offers included a Trojan virus. The attack mainly targeted corporate email addresses – and the cybercriminals knew that staff who received the Trojan would not want to tell their employers that they had been infected while they were looking for alternative employment.

Unusual social engineering methods

In some cases, cybercriminals have used complex methods to complete their cyberattacks, including:

  • One bank’s customers received a fake email that claimed to be from the bank and asked them to confirm their access codes, but the method of confirmation was not via the usual email / Internet routes. Instead, the customer was asked to print out the form in the email, then fill in their details and fax the form to the cybercriminal’s telephone number.
  • In Japan, cybercriminals used a home-delivery service to distribute CDs that were infected with Trojan spyware. The disks were delivered to the clients of a Japanese bank. The clients’ addresses had previously been stolen from the bank’s database.