social engineering attack framework
DESCRIPTION
Social Engineering Attack Framework. SEAF. What is SEAF / What is the Purpose of SEAF?. Social Engineering Attack Framework Purpose: Defines an attack framework that all SE attacks follow Allows one to generate and plan SE attacks - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/1.jpg)
SEAF
Social Engineering Attack Framework
![Page 2: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/2.jpg)
What is SEAF / What is the Purpose of SEAF?Social Engineering Attack FrameworkPurpose:
Defines an attack framework that all SE attacks follow
Allows one to generate and plan SE attacksAllows one to verify whether an attack was
indeed an SE attack
![Page 3: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/3.jpg)
![Page 4: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/4.jpg)
What does the social engineer want?
Identify the goal of the attack
![Page 5: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/5.jpg)
Which sources has the information that is needed to accomplish the goal?
Identify potential sources
![Page 6: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/6.jpg)
Investigate sources for useful things to aid in goal satisfaction
Assessment of sources
![Page 7: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/7.jpg)
Develop pretext if requiredPut source assessment findings together as
prep to attack
Combination and analysis of sources
![Page 8: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/8.jpg)
Establish plan of attack and how information will be elicited.
Development of an attack vector
![Page 9: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/9.jpg)
Initiation of communicationEmailOne-to-one conversationUSB flashdrive
Establishment of communication
![Page 10: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/10.jpg)
Build relationshipBuild trust
Rapport building
![Page 11: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/11.jpg)
Put target in the “correct” state of mind for the attack
Priming the target
![Page 12: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/12.jpg)
Retrieve required information bits from the target
Elicitation
![Page 13: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/13.jpg)
Perform measures to calm individual and to put him back into his normal state of mind
Maintenance
![Page 14: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/14.jpg)
One can choose to perform a transition to one of two states:Transition to further development of an attack
vectorTransition to goal satisfaction
Transition
![Page 15: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/15.jpg)
In this state your initial goal has been satisfied and there is no intention to use the same target for information again
Goal satisfaction
![Page 16: Social Engineering Attack Framework](https://reader036.vdocuments.us/reader036/viewer/2022062301/568161af550346895dd17000/html5/thumbnails/16.jpg)