Put another way, social anxiety is the fear and anxiety of being judged and evaluated negatively by other people, leading to feelings of inadequacy, embarrassment, humiliation, and depression. If a person usually becomes anxious in social situations, but seems fine when they are alone, then “social anxiety” may be the problem.

Social anxiety disorder (social phobia) is a much more common problem than past estimates have led us to believe. Millions of people all over the world suffer from this devastating and traumatic problem every day of their lives, either from a specific social phobia or from a more generalized social phobia. In the United States, epidemiological studies have recently pegged social anxiety disorder as the third largest psychological disorder in the country.

A specific social phobia would be the fear of speaking in front of groups, whereas generalized social anxiety indicates that the person is anxious, nervous, and uncomfortable in almost all (or the majority of) social situations.

People with social anxiety disorder usually experience significant emotional distress in the following situations:

Common anxiety provoking social situations include:

a) talking with people in authority

b) dating and developing close relationships

c) making a phone call or answering the phone

d) interviewing

e) attending and participating in class

f) speaking with strangers

g) meeting new people

h) eating, drinking, or writing in public

i) using public bathrooms

j) driving

k) shopping

Physical symptoms that may occur during, or in anticipation of, the situation include:

a) rapid heartbeat

b) sweating

c) muscle tension

d) upset stomach

e) trembling

f) shaky voice

g) dry mouth

h) blushing

i) queasiness

j) ticks

k) hyper ventilation

l) difficulty making eye contact.

People with social anxiety disorder may never know that their anxiety is irrational and does not make “head” sense. Nevertheless, “knowing” something is never the same as “believing” and “feeling” something. Thus, in people with social anxiety, thoughts and feelings of anxiety persist and show no signs of going away. It’s in such cases that On-line forums become handy.

The internet offers many sites that focus on the topic of social anxiety and have forums on these issues. This in an excellent opportunity, especially for individuals with this condition to get together and articulate their fears and feelings. These forums are purposely created to offer people with social phobia a chance of meeting similar individuals without feeling self-restricted and conscious. These on-line social forums are ideal for most people, because it gives them sufficient time to type or speak whatever they have in mind.

Relaxation is a very important thing to the patients of social anxiety and these on-line forums provides then with that much needed environment, where they need to feel comfortable. Different resources that may be of interest to sufferers of social anxiety disorders are all offered to them. It also makes communication to individuals with similar conditions easy. The social anxiety forums also offer a good environment to meet new people from various parts of the world and make friends, other than just learning about their experience with social anxiety. You can also learn new tricks of managing the condition and also share tips of your own.

The number of social anxiety on-line forums is growing fast, so you are sure to find many. They may be all similar but offering different content. They provide chat capability where instant communication is possible in addition to forum boxes, where you can leave your comment, and it can be answered immediately or when someone logs into the site. It therefore pays to check on-line for these social anxiety forums if you are a sufferer of anxiety. AND Who knows; you might just find the right help.

Creating social networking websites is getting easier each day. However, designing successful social networking websites has three major requirements:

1. Uniqueness 

2. Lots of creativity

3. Lots of patience (time)

If a social networking website is designed based on these three aspects there is no doubt that the project will be a grand success. Here, in this article, you will find the necessity of the three main factors of social networking web design.

The need of Uniqueness

Everyone using the Internet will be aware of the fact that the Social Networking arena is overcrowded. Hence uniqueness of the social networking websites is very much essential to stand out from the crowd. To make your social networking website design unique, you will have to spend lots of time in analyzing the aspects of other popular social networking websites like Facebook, Myspace and Orkut. You have to offer the users of your social networking website with something different and useful that most of the other popular social networking websites do not offer. One of the reasons behind the popularity of facebook is the handful of useful applications. There is a cool application called “Compare me” which allows users to compare themselves with the peers. Providing such cool, interactive social networking applications in your own website will attract more people.

The need of Creativity

Creativity is very much essential for designing social networking websites. The above said uniqueness in social networking web design can be achieved only by vivid creativity. So where does the creativity come from? Creativity comes as a result of extensive research. With lots of social networking websites out there, learning what to do with your social networking website is very easy.

The need of time

Both the above said aspects involved in designing social networking websites depend upon time. The more the time you spend in designing your social networking website, the more will be the success of the same. Researching what the competitor social networking websites are offering and coming up with creative ideas to make your social networking website look unique will eat up much of your time.

Bottom line

If you lack anyone of these there aspects of social networking website design, it’s better to get some professional help rather than do it by yourself. There are many professional social networking web designers with hands on experience in the same. All you have to do is to express you requirement and they will take care of everything- from planning to effective social networking web designing. There are some unique social networking web design companies who offer promotion of your website along with designing. These Social networking web design services offered by the experts with strategic thinking will guide you to the path of success.

The goal of my paper will be to explore the topic of Social Engineering in all its facets.  But what really is social engineering?  Is it a term that can be applied in any field other than Information Technology?  Your Dictionary references Webster’s Dictionary, which defines social engineering as thus (Your Dictionary, 2006):

A deceptive process in which crackers “engineer” or design a social situation to trick others into allowing them access to an otherwise closed network, or into believing a reality that does not exist.

 

However, in a much broader sense, social engineering can indeed take place outside of a technical field or applied to describe a non-I.T. related situation, because in reality, the act essentially involves deceiving another individual into divulging information that should be kept secret.  The following definition better describes social engineering in this light (Social engineering (security), 2009):

Social engineering is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud or computer system access; in most cases the attacker never comes face-to-face with the victim.

 

 The goal of this paper aims to explore these many situations that others might not classify as an social engineering act to steal information, and in addition to that goal, explore similar objectives throughout: to create a conversation about social engineering by generating awareness, discuss the many different kinds of social engineering methods, cite examples of real world social engineering events & the people responsible, and finally, cover a list of best practices to avoid social engineering attacks.

 

        So now that we have established a “working definition” by which to base the foundation of this discussion on social engineering, the next logical step would be to mention a few of the well-known techniques employed in social engineering acts (Granger, 2001). 

A very widely recognized form of social engineering occurs over the phone, which gives all the anonymity in the world a person with malicious intent could ask for.  Those that are particularly vulnerable to this type of threat are help desks, customer service reps, and of course, the common victim: the innocent individual minding their own business at home, on the comfort of their couch.  But just because most of these attacks are known to occur over the phone, does not mean that you are safe when actually using the phone yourself.  What do I mean by this?  IT’s known as shoulder surfing (Dwyer, 2008), or when someone else gleans your PIN number or ATM number by simply standing over your shoulder at either a large airport or phone booth. 

Another great example of why social engineering isn’t just something to worry about at the workplace is how often thieves thrive on another technique known as Dumpster Diving, which involves hackers or anyone with malicious intent attaining information such as: calendars showing when employees might be out of town, policy manuals detailing how internal systems are protected, or even hard drives that can be restored & vital information discovered (Berg, 1995).

But my favorite form of social engineering has to be the form described as Quid Pro Quo.  (Wikipedia, 2009) Imagine, if you will, that the “attacker” attempts to randomly ring up someone claiming to be returning their technical support call; eventually, said attacker will find someone who is grateful to have been called back, who will have no problem following whatever instructions the attack doles out… which will most likely be either a series of malicious commands or the giving up of valuable information (such as a credit card number or name and password).

        While there are certainly many more techniques that could be discussed, I would like to focus the next section on elaborating on the techniques described above with specific, real world scenarios of social engineering taking place.  A very fascinating example of an attacker making the victim believe that he is of a higher authority is described by McAfee Avert Labs and SANS analyst Lennny Zeltser (Kumar, 2009):

Apparently, yellow fliers were placed on vehicles in a parking lot, and the fliers claimed that the vehicles were in violation of parking regulations. The fliers further stated that the owner could visit a certain website to get more information and pictures about the offense.

 

Now you can imagine the result of this very clever form of social engineering: said victim sees the fliers and once they reach home, attempt to visit the designated website – only to be told to download a toolbar or some other form of disguised malware, which in turn infects their PC with even more malware. 

Kevin Mitnick, who was once one of the most wanted hackers in the U.S. in the late twentieth century, wrote a book entitled The Art of Deception (Mitnick, Amazon, 2009).  In his book, he describes several examples of social engineering, and in one he describes how someone could wait for a snow storm to occur, and then calling the network center posing as a… you guessed it, snowed-in employee.  In other similar examples, Mitnick gives a smaller example of how someone could get a police officer to divulge when he might be out of town, and by scheduling a court date at that specific time; get out of the speeding ticket (Mitnick, Social Engineering Books, 2006).   

        A few of these examples of social engineering are really quite startling.  How can one hope to avoid falling into these tricks when many of them are so clever?  There are a few “best practices” that can be taught which will help falling into the social engineering traps.  Some may be ideal for teaching fellow employees and others might just be applicable to the individual, helping him or her to live a more secure life in regards to their important information’s safety. 

        Some of the best techniques to teach employees, as identified by US-CERT (United States Computer Emergency Readiness Team), are as follows (McDowell, 2004): 

Be suspicious of any phone calls, visits, or email messages from individuals asking about employee or internal information.  Always ask any individual claiming to be of a legitimate organization to verify their claims; this is especially true if they could use your position as a gateway to attain privileged information (for example, you work at a help desk).  Almost never reveal sensitive information over the internet.  Never.  Before doing anything with any amount of sensitive information, consult a higher authority or person with full knowledge of your company’s security policy. Always shred any company documents before discarding them.  Even the slightest bit of information can give an attacker inside knowledge as to who works at the company, their operating hours, or phone numbers.

Richard Steinnon of the website CIO Update decries what is often touted as the “best defense against social engineering:” training.  He stipulates that if you determine a mandatory training in order to sharpen peoples’ awareness is needed in order to avoid social engineering attacks… then you already have a hole in your defenses.  Ultimately, the very best defense against a good social engineering attack is: enforce policy (Stiennon, 2009).

            In conclusion, I have covered a wide ranging of topics all of which involve a discussion centered on Social Engineering.  What began as an initial exploration into the definition of Social Engineering, the discussion then progressed into examples of the varying types of social techniques that attackers employ to trick others into divulging sensitive information. 

Many common ex
amples of real world attacks were also covered and how devastating their implications can be to the victims; corporations or individuals are not safe against any sort of Social Engineering attack.  Chief among those who used to be considered the most dangerous of all, Kevin Mitnick, wrote a book describing in detail how wide-ranging Social Engineering attacks can be. 

And finally, I briefly covered some “best practices” to avoid such social attacks from occurring to you or future employees.  While it may seem obviously to a technically inclined individual, everyone can be a victim of these kinds of attacks when not following the most basic of policies.  Being intelligence with information essentially keeping it to yourself.  But rest assured that there are those out there who are constantly inventing new and dangerous ways in which to trick innocent people into giving away important information.  And it’s only with constant diligence and a re-affirmation to confidentiality can we hope to avoid the trap known as Social Engineering.

 

 

Works Cited

Berg, A. (1995, November 11). Social Engineering. Retrieved April 19, 2009, from Packet Storm Security : http://www.packetstormsecurity.org/docs/social-engineering/soc_eng2.html

Dwyer, J. (2008, January 12). Picking Pockets? Nah, Surfing Shoulders. Retrieved April 19, 2009, from New York Times: http://www.nytimes.com/2008/01/12/nyregion/12about.html

*Granger, S. (2001, December 18). A True Story. Retrieved April 19, 2009, from Security Focus: http://www.securityfocus.com/infocus/1527*

Kumar, L. (2009, February 4). Real World Social Engineering. Retrieved April 19, 2009, from McAfee Avert Labs Blog: http://www.avertlabs.com/research/blog/index.php/2009/02/04/real-world-social-engineering-to-spread-malware-online/

*Major, S. D. (2009). Social Engineering: Hacking the Wetware! Information Security Journal: A Global Perspective , 40-46. *

McDowell, M. (2004). Tips. Retrieved April 19, 2009, from US-CERT.GOV: http://www.us-cert.gov/cas/tips/ST04-014.html

Mitnick, K. (2009). Amazon. Retrieved April 19, 2009, from Amazon: http://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/0471237124

Mitnick, K. (2006). Social Engineering Books. Retrieved April 19, 2009, from Social Engineering: http://www.social-engineering.eu/books/artofdeception/

Social engineering (security). (2009, April 16). Retrieved April 19, 2009, from Wikipedia: http://en.wikipedia.org/wiki/Social_engineering_(security)

Stiennon, R. (2009, October 19). The Best Defense Against Social Engineering. Retrieved April 19, 2009, from CIO Update: http://www.cioupdate.com/trends/article.php/3638951/The-Best-Defense-Against-Social-Engineering

Wikipedia. (2009, April 16). Retrieved April 19, 2009, from http://en.wikipedia.org/wiki/Social_engineering_(security)

Your Dictionary. (2006). Retrieved April 19, 2009, from http://www.yourdictionary.com/hacker/social-engineering