Paper Contents
Abstract
The term "hypnosis" is attempted to be captured in this document as a tactic for putting a person into a trance and eventually gaining his attention. Apart from folklore relating to "hypnosis", there are even some medical and therapeutic benefits as well, which are used by psychologists. The digital hypnosis, however, has emerged as a new concern to the society, particularly with the ever-growing emphasis on digitalization in financial and business sectors. There are various types of Attack Vectors, i.e. phishing emails, Trojans, SQL Injection, etc. But Social Engineering is one of the most widely used tactics to gain right-to-know authority from a target or a victim by a perpetrator, and subsequently, the target is being exploited. This is very analogous to "hypnosis". This can also be viewed as a demonstration of destructive obedience, which relates to an act of obeying a command from some unverified sources or unknown persons without bothering to confirm the validity, possibly as a consequence of having limited knowledge. Social engineering is merely a psychological operation. Usually, it is executed in four steps as indicated below. i. Investigation :: Identifying the target after knowing a bit of his background. ii. Hook :: Trying to increase proximity either by means of indulging into some kinds of mutually interesting topics or provocation. iii. Play :: After gaining confidence, the perpetrator tries to expand his grip and starts exploiting, which can also be treated as the Foot-in-the-door technique. iv. Exit :: After the target has been exploited, the perpetrator exits, often without issuing any alarm to the victim. Thus, the wicked mission of the perpetrator gets accomplished and the victim may well become aware about the exact happening after some time, often several days. It would be pertinent to indicate here that, in this entire operation, the perpetrator doesnt use any kind of hacking tools to gain access to the victims system. This is done completely through human-to-human interactions. The perpetrator exploits the psychological manipulation, i.e., Coercive Persuasion to have a propensity to compromise the victim's security protocols, and consequently, the exploited. :: Keywords: social engineering, digital hypnosis, psychological operation ::
Copyright
Copyright © 2023 Biraj Das. This is an open access article distributed under the Creative Commons Attribution License.
