Social engineering is a type of manipulation that convinces someone into giving up confidential information such as a PIN number or OTP or other credentials. Social engineering works through tricks and deception rather than technological exploits. These attacks take advantage of human weakness such as emotions, trust or habit in order to convince individuals to take action such as clicking a fraudulent or malicious website. Social engineering often helps attacker’s to gain foot in the door for completing major cyber attacks and can have severe consequences.
Social engineering depends on human psychology, if used well, it can be harnessed to gain access to bank accounts, network systems, building, use your credit card for transactions and more.
For example, instead of using brute force attacks to discover system credentials or write malicious code for months instead cyber criminals can trick individuals to divulge their password over the phone. If they speak to the right person and say the right things, they could be on the network in moments.
Criminals use a number of different techniques to discover our weakest link around fear,likes, dislikes and our other weaknesses.