(1. Introduction Social engineering is to apply the research method of things to the research of people themselves and turn them into tools of technical control. Social engineering is a method to gain self-interest by performing harmful tactics such as deception, damage, etc. on the psychological traps of victims, such as mental failures, natural reactions, curiosity, trust, and greed. "Social engineering attack" is to use everyone's mental characteristics to deceive users' trust, obtain secret information, system settings and other non-public information, and create favorable conditions for hacker attacks and virus infections. After the development of network security technology to a certain extent, the decisive factor is no longer technical issues, but people and management. Network security is usually easily broken by intruders from the inside, and using social engineering to carry out network attacks is a bit like the "undercover" in a movie or a novel. After obtaining sufficient and effective information, the network is successfully broken. Because the technology of security products is becoming more and more perfect, the people who use these technologies become the most vulnerable part in the overall link. In addition, people have mental failures such as greed, selfishness, curiosity, and trust. Therefore, through appropriate methods and methods, intrusion The attacker is completely able to obtain the information needed for the intrusion from the relevant personnel. Once you have mastered the theory of social engineering, you can obtain normal access rights, and then contact some network attack methods, you can easily break into a network, no matter how high the configuration of the system's software and hardware is. In recent years, social engineering attacks have become a trend of rapid rise and even abuse, and have exerted infinite effects in the process of virus expansion and transmission. Such as qq tail virus, love worm, MSN virus and phishing attacks.)
收藏
