Social Hacking: Bypassing Any Tech Security
Social hacking is the process of using social engineering techniques to gain access to sensitive information or systems.
It is a form of phycological tradecraft that exploits human weaknesses, such as the need for trust and social interaction.
Direct human interaction to trick users into divulging confidential information or performing actions that they would not normally do.
The purpose of social hacking is to obtain financial information, account credentials, trade/state secrets, social media accounts or other confidential information. Instead of hacking the security system (passwords, firewalls etc.), this way bypasses most if not all technological measures. It’s also used to gain physical access to buildings or systems.
Social hacking is commonly seen as a part of larger cyberattacks, such as phishing campaigns or targeted attacks. However, it can also be used for less malicious purposes, such as marketing research or competitive intelligence gathering.
How Social Hacking Works
Social hacking is the process of using deception and manipulation to convincing people to hand over sensitive information or grant access to systems. This can be done in person, over the phone, or online through email or social media.
There are many different types of social hacking attacks, but they all rely on exploiting human trust, authority and gullibility. For example, an attacker may pose as a customer service representative and convince a victim to give them their credit card number. Or they may send a phishing email that appears to be from a legitimate company in order to trick the recipient into giving away their login credentials.
In order for social hacking attacks to be successful, attackers must first do their homework. They need to learn about their target’s habits, interests, and current situation so that they can create a believable story. For example, if an attacker was targeting a high-level executive at a company, they might research recent news events affecting the company in order to seem like a credible source of information.
Once the attacker has gathered enough information about their target, they can begin planning their attack. The goal of the attack will determine what type of social hacking techniques are used. For instance, an attacker trying to steal money from a bank account will use different techniques than an attacker trying to gain access to classified government documents.
Types of Social Hacking Attacks
Phishing
Phishing is one of the most common types of social engineering attacks. It involves sending emails or text messages that appear to come from a legitimate source, such as a bank or well-known company. The goal of phishing attacks is usually to trick recipients into giving away sensitive information like login credentials or credit card numbers. However, phishing can also be used for other purposes, such as delivering malware payloads or redirecting traffic to bogus websites .
Executive Fraud
CEO or executive fraud is a type of business email compromise (BEC) attack in which attackers impersonate high-level executives in order to tricks employees into transferring money or sharing confidential information . These attacks usually target finance departments and use personal details about the CEO (or other executives) that have been gathered through public sources or previous data breaches.
Pretexting
Pretexting is when an attacker uses false pretenses in order to obtain personal information from victims. For example, an attacker may pretend to be from a reputable organization in order to get victims to share sensitive information like passwords or date of birth. Pretexting can also involve physical deception, such as posing as a delivery person in order to gain access to buildings .
Vishing
Vishing (voice phishing) is when attackers use telephone calls or voicemails instead of email messages in order to obtain sensitive information from victims. Like phishing, vishing relies on creating a sense of urgency or fear in order soliciting personal information. For example, an attacker may call pretending to be from victim’s bank and say that there has been suspicious activity on the victim’s account. The caller will then ask for personal details like account numbers or passwords in order verify the victim’s identity.
Water Holing
Water holing attacks involve compromising legitimate websites that are frequented by targets and planting malware on those sites. When targets visit these sites, they unknowingly infect their systems with malware. This type of attack is often used against high-value targets because it allows attackers sit back and wait for victims to come to them instead of having t o directly target each victim individually.
Baiting Attacks
Baiting attacks typically involve physical media such as USB sticks or CDs/DVDs that contain malicious software or files. Attackers will leave these in the devices of their targets or send them through the mail in hopes that someone will find them and plug them into their computer out of curiosity. Once plugged in, the malicious software will automatically execute and give the attacker access to the victim’s device and any sensitive data stored on it.
Unlike a computer system, account or network getting directly (traditionally) hacked, it’s not necessarily the user’s fault because they don’t have complete control over it. So no matter how secure or advanced it is, it can still get compromised and 100 percent protection is never possible.
However, when it comes to social hacking, 100 percent protection is possible for an individual with solid OPSEC and vulnerability awareness. Unfortunately, most people are susceptible to be exploited through their human vulnerabilities.
Social hacking has the power to render any password, firewall or security measure useless by bypassing them altogether.
[OPTICS : Social Hacker Visualized]
![“Survival in any form for any environment is an act of prevention and or recovery, best enacted by preparation.” -Det V Cader The problem with survival prepping is the assumption that you’ll be home when the SHTF, if not then it was all for nothing. This is the solution: Standard “prepping” is the practice of stockpiling pertinent supplies and the training of survival techniques to be used for a possible lifestyle altering, large-scale catastrophe or SHTF event. The typical process is simple; slowly but consistently acquire food, water, weapons and other relevant equipment and store them in a singular central location such as a home or private “bomb” shelter. Just as important but far less utilized is the ongoing learning and practice of survival, defense and use of the prepped equipment. Having everything in one location has one fatal flaw, however. It assumes that you will be at that very location at all times or it will always be easily accessible and nearby to your present location. There’s no way of knowing when or where an “event” will take place. Meaning getting to your home base where all your survival prepping is stored may be impossible due to the nature of an “event”; mass gridlock traffic, land / infrastructure destruction, social panic and violence, restrictive martial law, vicinity containment, active combat / hot zones and public transportation collapse. The average person commutes to work or school 5 days a week far enough that they need to take motorized transportation, public or private. Then there’s leisure, recreation and errands time at other homes and facilities as well as being away on vacation. So all that survival prepping, across town or half way around the world can be lost or seized by another. For more than a decade I’ve been doing the “vagabond survival prepping method” of which evolved from stashing small city-specific go-bags around the world as part of my former operative profession. It wasn’t about survival back then but about professional utility and function. Equipment that wasn’t ideal to equip on my person at all times because of unnecessary baggage or non-permissive locales. As time went by and the more I returned to some of these “prepped cities”, the go-bags that were already stashed became better equipped and for more dynamic use such as urban / wilderness survival. To this day, I manage these hidden go-bags whenever I happen to be in their respective countries. That’s my way of survival prepping while vagabonding. These are located in a growing number of the cities I frequently visit in secure but relatively easily accessible spots such as; under a boulder access in New York’s Central Park, inside a tree stump in the Amazon Jungle and a derelict manhole in Bangkok – all of which have been my active stash spots for years. Unlike typical at-home-preppers, I don’t have the luxury of a long term address so I can’t hand pick the exact items I want off the internet to ship to. But this works out for me just fine as I build / upgrade my kits with readily available materials from the city I’m in. So if an “event” does take place (which will often affect major cities first and most), I’ll have my prep kit close by no matter where I am in the world. Instead of having to rely on a singular base a continent away. Due to the limited opportunity but unlimited variety of goods available while constantly traveling, each go-bag is completely different. Some by design and others by necessity. All are sealed to protect from the elements and hidden but easily “accessible”. Various Kit Items List: Backpack, Duffle Bag or Dry Bag MRE’s, Canned Foods and Vitamins Bottled Water and Energy Shot Water Treatment Tablets Prescription Contact Lenses Kevlar Vest or Shield Climbing Rope and Gear Euros and US Dollars Gold and Platinum Bullion Urban / SERE Kit Wilderness Kit First Aid / Trauma Kit SD Card w/ Data Smartphone Gas Mask Knife, Machete and other Weapons CB and Two-Way Radio Full Change of Clothes Multi Tool and Pry Bar Flashlight and Chemlights Sleeping Bag or Parka Solar Charger Some may consider renting a locker in a facility like train stations or self storage units. It’s not easy to maintain them for years at a time when you’re not even in the country for years at a time. Also, when considering an “event”, it’s logical to expect the loss of power grid and the mayhem in busy public areas. It’s best to stash them where no one will look in an area that won’t be too hectic but not where it will be too difficult to reach with limited transportation options. The vagabond survival prepping method isn’t limited to location independents and nomads, however. Consider your travel requirements of daily life and stash a go-bag in strategic spots accordingly; in your car, near your job, somewhere between your home and work, a friend’s place and near a hangout you frequent. Survival prepping doesn’t end with the acquisition of supplies and equipment, it only begins there and continues on with honing skills to survive and thrive. [OPTICS : Triple Aught Design Pack]](https://trdcrft.com/wp-content/uploads/2022/12/Vagabond-Survival-Prepping-FAST-Pack-Litespeed-1-490x550.jpeg)
