Welcome back, my greenhorn hackers!
Although we have focused primarily on technical hacks here, social engineering can sometimes be especially effective. This one requires a bit of technical skill, but not too much. In addition, it's limited by how specific a target you can choose—but it will work.
Social engineering is the art of getting people to give you the information you are seeking, rather than breaking into a system to get it. Among the most sought after bits of information is the username and password. Many online systems—even financial websites—use your email address as a username. Then they ask you to provide a unique password.
I've already covered one social engineering hack in my spear phishing with SET guide, and there have been numerous other social engineering hack guides posted here on Null Byte by contributors and past admins, most of which are still very useful today.
But today, we're going to focus solely on getting those much sought after email addresses and passwords. Let's concentrate on developing a website that targets a section of the population and have them create an account with their username (email address) and password.
The first step is too choose who or what industry you want to target. Let's imagine you want to target doctors. Since so many doctors are golfers, maybe you could create a special website that catered to golfing doctors. Maybe a website that ranked the best doctor golfers?
Now that you have the site up and running, you will need an authentication mechanism. We might simply ask the doctors to enter their email address as a username. Since so many sites today use the user's email address as their username, few would be suspicious.
After they enter their username, they will have to select password to be part of our wonderful website!
This is the hard and costly part. You need to promote the website so that busy doctors will find it and open an account. You can create a Google AdWords account and pay for words that send our victims to view our site. These keywords might be golf, golf vacations, best doctor golfers, etc.
Of course, this might take a while, but to be a good hacker, you must be patient and creative. Some effective hacks take years to be completed.
Eventually, some erstwhile doctors with more interest in hitting the links than caring for patients will find your site and log themselves in. When they do, you will have both their email address and their password for your site.
Now, there is no guarantee that your visitors/doctors will use the same password on your site as their email account, but nearly all of us re-use the same password despite all the precautions against it, even after such events as Heartbleed.
Let's start with the email account. Let's navigate to Gmail (if it's a Gmail address) and try the email and password to get into his email account. It won't work every time, but it only has to work a few times.
When we successfully enter his email account, we can search his emails for other accounts such as his bank, brokerage, etc. Remember, when he opened that account, the website sent an email confirming it with his username and password.
This little exercise, I hope, demonstrates that social engineering can be an excellent way to gain access to accounts that would be otherwise unbreakable. With a little imagination, hard work and patience, anything is possible!