Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [CISSP-D] Phishing

from [Roshan Mani] Network Security [Permanent Link]
Subject: Re: [CISSP-D] Phishing
Date: Wed, 02 Feb 2005 11:16:50 +0530 


Hi Rajesh,

First of all what is a social engineering attack? In my opinion, this is 
a method of attack where the attacker exploits certain human tendencies 
to gain the confidence of an individual in order to launch an attack 
against either the individual or some other target!

This could be as simple as "Hi, what is your name, where do you work and 
what is your boss's name?" This information could be used against the 
individual who gave this information and/or against the individual's boss!!

A phishing attack is related to this kind of an attack, but the 
difference is, phishing additionally exposes the victim to FUD to gain 
information which can then be used against the vitcim or the target company!

For e.g., "Your internet banking account has been locked because of 
blah-blah-blah... please visit this site and resubmit your UN/PWD to 
reactivate your account"!!

regards,
Roshan Mani





 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [CISSP-D] Phishing, Rajesh
Next by Date:  [CISSP-D] Re: CISSP is not EASY., Doug Landoll
Previous by Thread:  [CISSP-D] Phishing, Rajesh
Next by Thread:  Re: [CISSP-D] Phishing, Balwant Rathore
Indexes:  [Date] [Thread] [Top] [All Lists]