Social Engineering
Psychological manipulation techniques used to trick people into divulging confidential information or performing actions that compromise security.
Overview
Social engineering exploits human psychology rather than technical vulnerabilities. Attackers use principles like authority, urgency, fear, and trust to manipulate victims. This can occur through various channels - email, phone, in-person, or social media. Social engineering is often the first step in complex attacks, used to gather information for more targeted campaigns. The human element remains the weakest link in security, making social engineering one of the most effective attack vectors. Training and awareness are critical defenses, but even security-conscious individuals can fall victim to sophisticated social engineering.
Real-World Examples
- ▸Pretexting as IT support to obtain passwords
- ▸Tailgating into secure facilities
- ▸Baiting with infected USB drives
Related Terms
Protect Against Social Engineering
PhiShark's agentic AI detects and analyzes threats in real-time
Start Free Trial