Definition:
Social engineering is a type of cyberattack that relies on manipulating human behavior to trick individuals into divulging sensitive information or performing actions that compromise security.
Use Cases:
- Used by attackers in phishing schemes to trick users into revealing login credentials or downloading malware.
- Employed in spear phishing attacks to target high-value individuals within an organization.
Related Terms:
Questions and Answers:
- How does social engineering work?
Social engineering manipulates individuals by exploiting psychological triggers such as trust, fear, or urgency to convince them to reveal sensitive information or take harmful actions.
- What are the common forms of social engineering attacks?
Common forms include phishing (email-based), vishing (phone-based), pretexting, and baiting.
- How can organizations prevent social engineering attacks?
Organizations can prevent social engineering attacks by training employees to recognize suspicious behaviors, verifying requests for sensitive information, and using multi-factor authentication.