Protect Yourself From Social Engineering

Definition: The use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.

There are 3 steps:

1. A social engineer finds information about a person or organization by looking online

  • Name, social media accounts, interests, bank, etc.
  • An organization's weak points
2. Using this information, the social engineer works to build trust with a victim, usually by pretending to be someone they're not

3. Leveraging this trust, they will manipulate the victim into granting them access to sensitive information or locations

What to watch for:

  • Urgent requests
  • Strange messages from friends/family
  • Too-good-to-be-true offers
  • Random offers of help
  • Heightened emotions
  • Anywhere a sender cannot verify their identity
  • Website and logo irregularities
  • Spelling and grammar errors

Though we may think of them as hackers, social engineers do not fit the typical notion of a “hacker”. Instead of exploiting vulnerabilities in computers, social engineers take advantage of human nature to achieve an end. Social engineers, or con artists, have been around MUCH longer than hackers. David Maurer, an expert on con artists, said of them:

“Although the confidence man is sometimes classed with professional thieves, pickpockets, and gamblers, he is really not a thief at all because he does no actual stealing. The trusting victim literally thrusts a fat bank roll into his hands. It is a point of pride with him that he does not have to steal.” -David Maurer, The Big Con

Want to learn more? After reviewing all of the subpages below, check out our Games and Contests page – home of Phishle and Social Engineering Flip!

Tailgating Baiting Quid Pro Quo

Dumpster Diving Pretexting Protect Yourself

Phishing Victim?
