![]() ![]() The consultant may then be able to obtain passwords or other information from the help desk or any other employee who may perceive that the impersonated person has authority over them. In a penetration testing scenario, a consultant may impersonate the CIO or someone else with clearly defined organizational authority. Someone within a position of power in an organization is going to have more power and access to more information than someone at the bottom of the hierarchy. Typically this refers to a supervisory hierarchy. However, they are modified to fit more closely to use within social engineering. These categories are similar to the categories Max Weber defines. Therefore, our focus will be on organizational and social. Purporting to be law enforcement or other government officials would almost certainly be illegal. This generally applies to law enforcement officers. While power is the possession of control, or influence over others authority refers to the right to exercise that power. DefinitionĪuthority and power are separate but related concepts. Therefore, within the context of social engineering, we will break down different types. How can you protect yourself against common attacks?Īuthority can mean many different things.Technical Methods of Information Gathering.Physical Methods of Information Gathering. ![]() Why Attackers Might Use Social Engineering. ![]()
0 Comments
Leave a Reply. |