SOCIAL ENGINEERING
Social engineering is a technique used by cybercriminals to trick individuals or organizations into divulging sensitive information or performing actions that can compromise their security. It involves exploiting human psychology and emotions to gain access to confidential information, systems, or networks. Social engineering techniques include phishing emails, pretexting, baiting, and other methods.
Here are some examples of social engineering techniques:
1
Phishing
Phishing emails are fake emails that appear to come from a trusted source, such as a bank or an online service provider. These emails may ask the recipient to provide sensitive information, such as login credentials, credit card details, or other personal information.
2
Pretexting
Creating a situation to gain access to private information is known as pretexting. Social engineering techniques include calling a target and pretending to be a tech support representative who wants access to their computer to resolve a problem.
3
Baiting
Baiting is a form of social engineering in which an enticing object, such a USB drive, is left in a public area in the hopes that someone will pick it up and put it into their computer. The security of the computer could be jeopardized by malware or other dangerous software on the USB device.
4
Impersonation
Impersonation is the act of posing as someone else to gain access to sensitive information or systems. This may involve creating a fake online profile, or even physically impersonating someone to gain access to restricted areas.
5
Spear Phishing
A spear phishing attack targets a specific person or group and is known as a targeted phishing attack. The attacker might fabricate a persuasive email that appears to be from a reliable source using data obtained from social media or other sources.