Social engineering tactics for Windows users

Hackers, at least ones who are good at what they do, have an intimate and in-depth knowledge of computer systems and Windows applications. They have high-tech tools and utilities to help them identify target systems, bypass security measures, compromise computer systems and otherwise cause mischief.

The truth of the matter is that all of the programs and exploits in the hacker's arsenal pale in comparison to their number one weapon: social engineering. Social engineering is the art of preying on human nature for the purpose of misleading or deceiving someone.

The root of the problem is that most people, at their core, are fairly nice. People have an innate desire to be kind and helpful to one another. Just as some of the best features of an operating system or application end up being exploited for malicious purposes, this built-in kindness can be exploited by less scrupulous people to gain information or access. There are a number of angles t

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Intrusion detection, prevention and removal Windows security tools for the busy desktop administrator Check IT List: Five steps for rootkit detection Top Windows client security tools for end users Tools for virus removal and detection Buffer overflows can be prevented by GS cookies Determining the proper Microsoft malware removal tool October patches fix four threats Cool things about security, nothing about Britney Spears Run third-party malware detection tools in Windows Malware prevention and detection webcast series

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

hat can be used to exploit basic human nature. Here are a few of the most common:

These are just a few examples. Unfortunately, there is little defense. You want people to use common sense and good judgment. You don't want your users granting access or giving network credentials to strangers, but you also don't want everyone to be cynical and jaded against everyone and everything. Keeping users aware of common social engineering strategies may help them to be kind and helpful, but with a healthy dose of skepticism.

About the author: Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security, providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security.