There are 3 Steps:
|
1. A social engineer finds information about a person or organization by looking online
| 2. Using this information, the social engineer works to build trust with a victim, usually by pretending to be someone they're not |
3. Leveraging this trust, they will manipulate the victim into granting them access to sensitive information or locations |
|---|
What to watch for:
Urgent Requests |
Strange messages from friends/family |
Too good to be true offers |
Random offers of help |
Heightened emotions |
Anywhere a sender |
Website and logo irregularities |
Spelling and grammar errors |
Though we may think of them as hackers, social engineers do not fit the typical notion of a “hacker”. Instead of exploiting vulnerabilities in computers, social engineers take advantage of human nature to achieve an end. Social engineers, or con artists, have been around MUCH longer than hackers. David Maurer, an expert on con artists, said of them:
“Although the confidence man is sometimes classed with professional thieves, pickpockets, and gamblers, he is really not a thief at all because he does no actual stealing. The trusting victim literally thrusts a fat bank roll into his hands. It is a point of pride with him that he does not have to steal.” -David Maurer, The Big Con
Want to learn more? After reviewing all of the subpages below, check out our Games and Contests page – home of Phishle and Social Engineering Flip!
Tailgating Baiting Quid Pro Quo
.png){kind=icon}