Social Engineering Attacks

Techniques leveraging human psychology to breach security.

Methods of Influence

  • Authority: Compliance due to perceived power
    • Impersonate bosses, IRS agents
  • Urgency: Prompt action under time pressure
    • “Reset your password now for meeting”
  • Social Proof: Influence via others’ behavior
    • Fake likes/shares; use mutual connections
  • Scarcity: Limited availability prompts action
    • “Only 3 seats left—register now!”
  • Likeness: Build rapport via shared interests
    • Friendly banter, flirting to gain trust
  • Fear: Threat-based compliance
    • Fake FBI warning; ransomware scare

Phishing Campaigns

  • Phishing: Mass fraudulent emails to steal credentials
  • Spearphishing: Targeted emails using personal info
  • Whaling: High-stakes phishing of executives
  • Business Email Compromise (BEC): Hijack corporate accounts
  • Vishing: Voice-based social engineering
  • Smishing: SMS-based phishing

Also look into settoolkit; this is a robust tool that I personally like when it comes to social engineering.
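
Detection-side example (added here, not part of the original notes): a small Python heuristic that scores an email for the influence cues above (authority, urgency, scarcity, fear) and for the Reply-To redirection typical of BEC and whaling. The sample message, the cue word list and the INTERNAL_DOMAIN value are all constructed assumptions, not data from any real campaign.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"  # assumption: the organisation's own mail domain
# Cue phrases mapped to the influence methods listed above (assumed word list).
INFLUENCE_CUES = {
    "authority": ["ceo", "cfo", "director", "irs"],
    "urgency": ["urgent", "immediately", "act now", "time sensitive", "before noon"],
    "scarcity": ["only", "few hours", "last chance"],
    "fear": ["account suspended", "legal action", "warning"],
}
# Constructed BEC/whaling-style sample: executive display name, Reply-To diverted off-domain.
SAMPLE_EMAIL = """\
From: "Jane Doe (CEO)" <jane.doe@example.com>
Reply-To: ceo.janedoe@mail-example.net
To: finance@example.com
Subject: URGENT wire transfer needed before noon

I am in a meeting and need this done immediately. Please act now,
this is time sensitive and only a few hours remain.
"""


def score_message(raw: str) -> dict:
    """Score one RFC 5322 message; returns {'score': int, 'findings': {...}}."""
    msg = message_from_string(raw, policy=policy.default)
    findings, score = {}, 0
    display_name, from_addr = parseaddr(str(msg["From"] or ""))
    _, reply_addr = parseaddr(str(msg["Reply-To"] or ""))
    from_domain = from_addr.rpartition("@")[2].lower()
    reply_domain = reply_addr.rpartition("@")[2].lower()
    # Header checks: replies diverted elsewhere, or a sender outside the organisation.
    if reply_domain and reply_domain != from_domain:
        findings["reply_to_mismatch"] = f"{from_domain} -> {reply_domain}"
        score += 3
    if from_domain != INTERNAL_DOMAIN:
        findings["external_sender"] = from_domain
        score += 1
    # Content checks: count whole-word influence cues in display name, subject and body.
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""
    text = " ".join([display_name, str(msg["Subject"] or ""), body]).lower()
    for method, cues in INFLUENCE_CUES.items():
        hits = [c for c in cues if re.search(rf"\b{re.escape(c)}\b", text)]
        if hits:
            findings[method] = hits
            score += len(hits)
    return {"score": score, "findings": findings}
```

The sample scores 11 (3 for the Reply-To mismatch plus eight cue hits); a routine internal message with no cues scores 0, so a threshold around 5 is a reasonable starting point for routing mail to analyst review.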

Gophish (Phishing Simulation)

  • Open-source phishing framework
  • Set up a Campaign:
    1. Define Sending Profile (SMTP host, port, from address)
    2. Create Email Template (mimic IT dept)
    3. Launch Campaign: track opens, clicks, submissions
  • Example Sending Profile:
    • Name: Morning Catch
    • Interface: SMTP
    • From: Boyd Jenius <bjenius@morningcatch.ph>
    • Host: 192.168.56.101:25

Impersonation & Pretexting

  • Impersonation: Pretend to be trusted roles
    • Delivery person, support technician
  • Physical Pen Tests:
    • Wear uniforms (UPS, ISP logos) to enter restricted areas
  • Elicitation: Extract info via conversation
    • Ask to print test page to see copier IP

Surveillance Techniques

  • Eavesdropping: Listen to conversations (bugs, overhearing)
  • Shoulder Surfing: Observe screens/keypads in public
  • Dumpster Diving: Recover sensitive data from trash

Watering Hole Attacks

Compromise sites frequented by targets:

  1. Recon: Identify popular sites
  2. Compromise: Inject malicious code or ads
  3. Infection: Visitors unwittingly download malware

  • Defenses: patch sites, use filters, employee training

Evilginx (MFA-Bypassing Phishing)

  • MITM Proxy: Hooks victims’ sessions via reverse proxy
  • Process:
    1. Host real-time clone of login page
    2. Capture credentials + session tokens
    3. Hijack account even with MFA

Tailgating & Piggybacking

  • Tailgating: Unauthorized entry behind someone
  • Piggybacking: Invited entry by authorized person
  • Prevention: mantraps, security personnel, training

Browser Exploitation Framework (BeEF)

  • Exploits browser vulnerabilities via XSS hooks
  • Workflow:
    1. Hook browser via malicious JS
    2. Control sessions through GUI modules
    3. Modules: steal cookies, keylogger, screenshots

Tip: Ethical use only in authorized engagements to highlight browser security gaps.