The Social Engineer's Playbook: A Practical Guide to Pretexting by Jeremiah Talamantes

Author:Jeremiah Talamantes [Talamantes, Jeremiah]
Language: eng
Format: azw3
Publisher: Hexcode Publishing
Published: 2014-11-30T16:00:00+00:00

Screenshot of WHOIS query of GOOGLE.COM

Social Media, Job Boards & Blogs

A cultural shift has occurred in the last three to five years for many companies. That shift was toward corporate transparency and the adoption of social media as a widely used marketing tool. As I stated earlier in this book, companies use social networks to develop an affinity toward the masses. Nowhere else in history has there been a more direct line of communication between consumer and conglomerate. Companies use Twitter, Facebook, LinkedIn and YouTube to spread their brand in a much more personal way than ever done before. By opening their windows to the world, social engineers have an opportunity to gain better insight into a target with little effort.

Job boards, blogs, wikis and videos also contribute toward creating a closer connection with consumers. Often times, a company website will have the personal email address, Twitter link and LinkedIn account of many of its team members published. Online job postings tend to divulge lots of information about the company’s technology stack and sometimes hiring manager information. Social media connections are ideal for social engineers since they tend to be user-centric versus company-centric. There is greater chance of finding out likes, dislikes, schedules and other personal information about targets.

Mining social media for valuable information is and can be very time intensive. Thus, I won’t get into the specifics of exploring them individually. Thankfully there is a tool called Maltego that makes the information gathering process far more efficient. We will discuss Maltego in greater detail in the next chapter.

Public Sources

Public sources for collecting information on targets can be acquired through a number of public providers. Public data providers include Intelius, PeopleFinders and US Search. These data providers perform background checks and deliver reports about their subjects for nominal one-time fees or via subscriptions. Although most of the information they provide can be found using search engines, using their services may cut down on manual hours spent trying to dig up the information alone.

Intelius – http://www.intelius.com

US Search – http://www.ussearch.com

PeopleFinders – http://www.peoplefinders.com

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.