The act of gathering vital information about a person through the use of physiological manipulation is called Social Engineering. It refers to a range of activities which could be targeted at an individual or a group of people.
Typically, social engineering involves multiple steps where data about a victim is pieced together over time. The first step in the process is to observe the target to understand his habits and to identify potential weakness.
Then an attacker approaches the victim and befriends him using information gained during the observation phase. Over time, the attackers gather enough information about the victim to use it maliciously.
Social engineering has been used to gain unauthorised access to computer systems, secure building, steal information and other things. They have also used the techniques to facilitate identity theft where an attacker assumes the victim’s identity, open a bank account and credit card and amasses a pile of debt.
Criminals have also used social engineering to create duplicate passports and other documents and then use those to order restricted chemicals, guns or other monitored substances. This way, when the authorities investigate, an innocent victim is caught as a culprit while the real criminals get away.
They have also used social engineering to hack laptops, smartphones and PCs. The attacker monitors the victim’s behaviour and use it to blackmail them if he finds a good weakness. For example, they could blackmail a cheating husband for money.
Criminals have used the same techniques to compromise security officials, banks officers and politicians and even judges to get a hold over them.
While attackers may get captured, the life of a victim will never be the same. They may have a lifelong scar and a massive debt, all because they used their dog’s name as the computer password.