By Charles Joseph | Cybersecurity Advocate
Last update: November 25, 2023
Social engineering is a type of deception where attackers exploit human psychology to trick people into revealing sensitive information or performing actions that could compromise security. Attackers often use social engineering techniques to target employees with access to valuable data or systems.
Stay One Step Ahead of Cyber Threats
Want to Be the Smartest Guy in the Room? Get the Latest Cybersecurity News and Insights.
Key Points
- Social engineering is a type of deception where attackers exploit human psychology to trick people into revealing sensitive information or performing actions that enable the attacker to gain access to systems or data.
- Attackers use social engineering techniques to target individuals or groups and often tailor their attacks to specific targets.
- Social engineering attacks can be difficult to detect because they rely on manipulation rather than technical exploits.
- Organizations can protect themselves from social engineering attacks by raising awareness of these threats and implementing security controls such as user education and training, two-factor authentication, and least privilege principles.
QUOTE:
"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional
"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional