Definition : Social Engineering

Social engineering is a technique of psychological manipulation used to deceive individuals into disclosing confidential information or performing specific actions that could compromise their personal security or that of an organization. Unlike cyber attacks that exploit technical vulnerabilities, social engineering targets human weaknesses, such as trust, curiosity, or lack of knowledge, to mislead victims. Attackers using social engineering employ various methods to gather sensitive information, such as passwords, financial data, or access to secure systems. These methods include, but are not limited to: - Phishing: Sending emails or messages that appear to come from a trusted source to persuade recipients to reveal personal information or click on malicious links.

- Pretexting:

Creating a false scenario or pretext to obtain personal information under the guise of an investigation or routine check. - Baiting:
Offering bait (such as free software) to entice users to install malware or disclose their information. - Quid pro quo:
Proposing a service or advantage in exchange for information or access. - Tailgating or piggybacking:
Following an authorized person to enter a restricted area without being detected. - Vishing (voice phishing) and Smishing (SMS phishing):
Using phone calls or text messages to scam personal information. Social engineering attacks can have serious consequences, ranging from identity theft to compromising the security of corporate networks. To protect against these threats, organizations and individuals must be vigilant, regularly educate employees about security risks, and adopt strict security policies, including identity verification and the use of two-factor authentication.
glossary_definition_se_17 glossary_definition_se_18

glossary_definition_se_19