By Charles Joseph | Cybersecurity Researcher
Published on
November 27th, 2022
This post was updated on November 25th, 2023
Social engineering is a type of deception where attackers exploit human psychology to trick people into revealing sensitive information or performing actions that could compromise security. Attackers often use social engineering techniques to target employees with access to valuable data or systems.
Key Points
- Social engineering is a type of deception where attackers exploit human psychology to trick people into revealing sensitive information or performing actions that enable the attacker to gain access to systems or data.
- Attackers use social engineering techniques to target individuals or groups and often tailor their attacks to specific targets.
- Social engineering attacks can be difficult to detect because they rely on manipulation rather than technical exploits.
- Organizations can protect themselves from social engineering attacks by raising awareness of these threats and implementing security controls such as user education and training, two-factor authentication, and least privilege principles.
QUOTE:
"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional
"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional