Social Engineering
In footprinting, the one of the easiest component to hack is human being itself. We can collect information from a human quite easily than fetching information from systems. Using Social Engineering, some basic social engineering techniques are: -
Social Engineering
You can understand the social engineering as an art of extracting sensitive information from peoples. Social Engineers keep themselves undetected, people are unaware and careless and share their valuable information. This information is related to the type of social engineering. In Information Security aspects, Footprinting through Social engineering gathers information such as: -
Eavesdropping
Eavesdropping is a type of Social Engineering footprinting in which the Social Engineer is gathers information by listening to the conversation covertly. Listening conversations includes listening, reading or accessing any source of information without being notified. Phishing
Phishing
In the Phishing process, Emails sent to a targeted group contains email message body which looks legitimate. The recipient clicks the link mentioned in the email assuming it as a legitimate link. Once the reader clicks the link, enticed for providing information. It redirects users to the fake webpage that looks like an official website. For example, Recipient is redirected to a fake bank webpage, asking for sensitive information. Similarly, the redirected link may download any malicious script onto the recipient’s system to fetch information.
Shoulder Surfing
Shoulder Surfing is another method of gathering information by standing behind a target when he is interacting with sensitive information. By Shoulder surfing, passwords, account numbers, or other secret information can be gathered depending upon the carelessness of the target.
Dumpster Diving
Dumpster Diving is the process of looking for treasure in trash. This technique is older but still effective. It includes accessing the target's trash such as printer trash, user desk, company's trash for finding phone bills, contact information’s, financial information, source codes, and other helpful material.
Footprinting Tool
Maltego
Maltego is a data mining tools that are powered by Paterva. This interactive tool gathers data and represents graphs for analysis. The measure purpose of this Data mining tools is an online investigation of relationships among different pieces of information obtained from various sources lies over the internet. Using Transform, Maltego automate the process of gathering information from different data sources. Nodes based graph represents this information. There is 3 version of Maltego Client software: -