Social engineering is a tactic that uses elaborate schemes to manipulate and deceive victims into giving out passwords, trade secrets, financial account details and other important company information. It’s a brilliant way of causing human error and exploiting it to gain access to target computer systems.
Common social engineering activities include phishing and its more sophisticated cousin, whaling, where users are tricked by deceptive email or social media messages into providing their personal info. Watering hole attacks — inserting malicious code in web pages — are also a favorite tactic.
Say, for instance, you receive a phone call from someone who claims to be one of your senior executives. He asks you about the progress regarding the new products and you eagerly provide the details. But the person on the other line is an impostor and you’ve just fallen prey to social engineering.
Other interesting terms…