Social Engineering: Credential Harvesting and Remote Access through Phishing Emails

Lab provided by the College of Engineering and Computing at the University of South Carolina Lab Overview: 

Social engineering is when hackers use psychological methods to trick their victims into giving them information or doing actions. These types of attacks are very effective because they rely on human errors. Social engineering attacks depend on how aware the public is to security practices and protocols.

The 6 key social engineering principles:

1. Authority

2. Intimidation 

3. Consensus

4. Scarcity 

5. Urgency 

6. Familiarity 

The goals of this lab are to:

1. Understand and define social engineering attacks

2. Use the setoolkit to craft a phishing email 

3. Harvest the victim’s login credentials to a website

4. Gain access to the victim’s machine

In this situation I will be playing the roles of attacker and victim.