[WEBINAR] The New Normal: Dealing with the Reality of an Unsecure World

Social Engineering

Definition - What does Social Engineering mean?

Social engineering is the non-technical cracking of information security (IS). It applies deception for the sole purpose of gathering information, fraud or system access. A number of tactics may be used, including:

  • Taking advantage of human kindness
  • Searching for sensitive data outside of a computer, like looking inside a dumpster
  • Obtaining computer passwords via covert methods

Social engineering was initially associated with the social sciences. However, the way it is used also makes it relevant to computer professionals, as it is a significant threat to any system's security.

Techopedia explains Social Engineering

Spear phishing is a common social engineering technique. For example, a phisher may send an email to addresses at a target company asking a user to verify security information. The email is made to appear legitimate and from the IT staff or senior management, along with a warning for major consequences if the required information is not provided. As with a regular phishing attack, the victim clicks a link that goes to a site the hacker sets up to gather the sensitive information, generally with the look and feel of the real website. After obtaining the info, the hacker has the ability to access the company's network by using a legitimate login.

Dumpster diving refers to a literal search of an organization's garbage for information that can be used to access a company's network. Companies often discard sensitive information, including system manuals, which intruders use to access information systems. In some cases, unerased and complete hard drives with extremely sensitive information are discarded, allowing a dumpster diver to easily boot up and obtain information.

Social engineering is as dangerous and harmful as any other technical attack. In fact, you could argue that social engineering is more serious than other threats, as humans are always in a vulnerable state. It is not that tough to properly configure a firewall. It is very difficult to train new staff about the dangers of social engineering exploits.

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
"Techopedia" on Twitter

Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.