Social engineering is defined as-
One of the simplest methods to gather information about a target through the process of exploiting human weaknesses,
that is inheriting to every organization.
Unlike traditional cyberattacks that rely on security vulnerabilities to gain access to unauthorized devices or networks;
social engineering techniques target human weaknesses.
For this reason, it is also considered human hacking.
Cybercriminals who conduct social engineering attacks are called social engineers.
Types of social engineering
Tailgating is when a social engineer physically trails or follows an authorized individual into an area they do not have access to.
This can be as simple of an act as holding a door open for someone else.
Once inside, they have full reign to access devices containing important information.
Phishing is a well-known way to grab information from the victim.
A phisher, sends a message to a target and ask for some type of information or action;
this might lead to a more significant crime.
The phisher might be encouraging you to download an attachment or verifying your mailing address.
Baiting is an activity where the attacker attempts to lure or bait the potential victim with a promise of a reward.
It occurs both physically and online.
In the physical realm, the bait can be a USB stick or hardware wallet left in a visible spot.
It is the use of an interesting pretext, or ploy, to capture someone’s attention.
Once the story hooks the person, the social engineer tries to trick the person into providing something of value.
Quid pro quo
Quid pro quo means a favor for a favor.
“I give you this, and you give me that.”
In the instance of social engineering;
The victim loses sensitive information like account logins or payment methods;
And then the social engineer doesn’t return their end of the bargain.
Also checkout our website for such useful information