Skip to main content

Social Engineering

Use Loki's tactics to convince unsuspecting users to provide sensitive data or to violate security guidelines.

The social engineering process can be divided into three main phases: reasearch, development, and exploitation.

Research

In this phase, the attacker gathers information about the target organization, often using methods like footprinting and fingerprinting.

Development

In this phase, the attacker finds and selects targets to manipulate. Through various methods of communication, they build a rapport and a sense of trust with the target.

Exploitation

Now, all we have to do is ask nicely for the information we want.

  • Username/Password
  • Social Introductions to other employees
  • Inserting a USB
  • Opening an infected email attachment
  • Exposing trade or company secrets in a discussion

And of course, we cover our tracks. Wipe our digital footprint from the sand, if you will. Making your exit as smooth as possible might be the most important step when conducting a social engineering attack.

Back to top