Wanting to learn more regarding social engineering and what I should be looking out for, I decided to search for some recent methods social engineers have been using to entangle their victims. I came across an article written by Joan Goodchild, called “5 More Dirty Tricks: Social Engineers’ Latest Pick-Up Lines”, put up on csoonline.com not more than a few weeks ago, which as referenced in the title was exactly what I had been looking for.
The article mentioned a method that requires impersonation on the part of the social engineer. The attacker is to impersonate a Microsoft support employee calling a person and claiming that an unusual amount of errors have been coming from their computer and they would like to help you fix it. Then the so-called employee proceeds to give the victim a step-by-step on how to view these errors that were mentioned. The article states that Windows users consistently have a number of errors shown in their event logs because it logs every little error that occurs, however, to the inexperienced user this can look quite worrisome. Now that they have actually seen the errors that are spoken of they are, of course, eager to listen to their attacker on how to solve the problem. The attacker then tells them to go to teamviewer.com, ” a remote access service that will give them control of the machine.” From this point on he or she installs some type of malware in order to access the victims computer at any time.