The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes
Methodology / How Hackers Do it
As mentioned above its the use of deception, to trick the victim, unknowingly handing out critical information. There are numerous methods of doing so, hackers use techniques such as phishing, dumpster diving, email spoofing, tailgating etc. The specific use of attack is critical to the “psychological effect and the success rate” you would expect to get out of the target.
Social Engineering Tools used by Hackers
SET - Social Engineering Toolkit
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element.
Modlishka: Powerful Reverse Proxy
Modlishka is a very powerful Reverse Proxy tool that allows you to run phishing campaigns.
PhEmail – Open Source E-mail Phishing Tool
PhEmail is a python based email phishing tool that automates the process of sending phishing emails as part of a social engineering test.
Camelishing – Social Engineering Tool
The ultimate all-in-one social engineering tool.
King Phisher - Phishing Campaign Toolkit
King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks.