Social Engineering

What Does Social Engineering Mean?

Social engineering is an umbrella term for any security exploit that relies on people's willingness to be helpful. A successful social engineering exploit depends on whether or not the attacker can trick someone else into making a mistake.

Advertisements

The purpose of this type of security exploit is to provide the attacker with legitimate credentials they can use to move laterally through target's network. This type of attack vector requires the attacker to have both soft skills and hard skills. Soft skills help the attacker gain initial access and hard skills help them to escalate privileges.

Popular types of social engineering strategies include Business Email Compromise (BEC) and phishing.

Techopedia Explains Social Engineering

Social engineering is as dangerous and harmful as any other cybersecurity attack.

Types of Social Engineering Attacks

Phishing and spear phishing are two common social engineering strategies that target a specific person or small group of people. Both types of attack are often email-based and include information known to be of interest to the target.

Typically, the attacker's email is made to appear as if it was legitimately sent from the organizations' IT department or senior management — and the message usually contains a warning about major consequences if requested information is not provided.

Business Email Compromise (BEC) is one of the most financially lucrative crimes in the United States according to the F.B.I. This type of security exploit targets both businesses and individuals who perform legitimate transfer-of-funds requests. The type of cyber fraud involves spoofing a legitimate business email account in order to trick the victim into transferring money into an account controlled by the attacker.

Advertisements

Related Terms

Latest IT Careers Terms

Related Reading

Margaret Rouse
Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…

Related News

dummy_img
Blockchain

The Future of Ethereum: Vitalik Buterin Looks to Enshrinement

Mensholong Lepcha12 months
dummy_img
Analytics

6 Real-World Edge Computing Use Cases

Linda Rosencrance12 months
dummy_img
Artificial Intelligence

What ChatGPT with Web Capabilities Can Do For Your Business

Neil C. Hughes12 monthsSenior Tech Writer
dummy_img
Blockchain

What It Takes to Be a Blockchain City

Ruholamin Haqshanas12 monthsCryptocurrency Journalist
dummy_img
Artificial Intelligence

AI Translation Could Help Crack the Secrets of Chicken Language

Kaushik Pal12 monthsTechnology Writer
dummy_img
Featured Content

Future Trends in Container Security: What Every IT Professional Should Know

Alan Draper12 monthsEditor-in-Chief

Popular Categories
Show All

Antivirus
Antivirus
Artificial Intelligence
Artificial Intelligence
Audio
Audio
CRM
CRM
Cryptocurrency
Cryptocurrency
Gambling
Gambling
Gaming
Gaming
HR
HR
Laptops
Laptops
Network
Network
Password Managers
Password Managers
Project Management
Project Management
Spy
Spy
Trading
Trading
VoIP
VoIP
VPN
VPN