If you want to know what it is information gatheringfirst you should know that this Anglicism translates as information gathering and it is one of the stages prior to a cybersecurity attack. Sometimes, these attacks do not require complex computer knowledge to carry out, but simply sending an email is enough to trick a victim into downloading a software malicious or make a money transfer.
This technique to deceive people is known as social engineering. To achieve this goal, it is not necessary to be a computer expert, but what is important is gain the trust of victims so that they do things that they normally would never do.
Although you can prepare for recognize and avoid attacks phishing, The reach these have cannot be underestimated. There are ways to sophisticate these deceptions and make them very convincing. To understand these methods, we will explain what it is information gatheringa study phase that cybercriminals use to perfect attacks of social engineering.
What is information gathering?
When inquiring about what it is information gatheringwe will find a sophisticated method to perfect attacks aimed at companies or employees. He information gathering It consists of gathering data (to gather information), by different means, about the target of a social engineering attack, in order to produce a more convincing and effective deception.
Through internet, social networks or even the black market, attackers will seek all possible information about their victims. In this way, by knowing their targets in detail, cybercriminals can send deceptive messages that gain trust of those who attack.
In this way, attackers could find out data such as, for example, When the CEO goes on vacation, to take advantage of that moment and request money transactions from your employees. They could also find out data such as when there are events, meetings, etc., in order to write emails related to these topics and, thus, make someone believe that they are speaking with someone from the company’s internal network.
After all, if in a email Our name appears and it says that we will soon receive a package or information like that that is true, we will immediately tend to trust the source. In this way, they could manipulate us into carrying out banking transactions or revealing confidential company information.
And basically, this explains what information gathering is.
Stages of information gathering
To better understand what it is information gatheringwe recommend you know what are its stages:
Gathering information (gather information): This phase has the same name as the technique and consists of research, through which the required data is obtained.
Relationship development: Cybercriminals will exploit the acquired information in any way, so that, by mentioning or using it, they gain the victim’s trust.
Relationship Exploitation: Once the attacker discovers that his victim trusts him, he will proceed to manipulate her, in order to make her do something she would not normally do.
Goal execution: When it is discovered that the victim trusts the attacker and, in addition, does what he is told, the last step will come, which will consist of some method to steal property or information (information gathered).
Learn more
Now that you know what it is information gatheringyou may notice that There is an increasing risk of this practice. Over time, there tends to be more vulnerable information on the internet and, above all, on social networks.
To learn how to defend yourself from these dangers and transform you into a computer security expert, Visit our Full Stack Cybersecurity Bootcamp and become a specialist in less than 7 months. Sign up now!