Social Engineering

Social engineering is a type of manipulation in which attackers use human psychology to trick people into disclosing sensitive information, performing actions, or making security mistakes.

Watch this video to learn more about social engineering:

What is the Internet’s contribution to it?

By allowing attackers to gather personal information, impersonate others, and create convincing scenarios for manipulation, the internet provides a vast platform for social engineering.

Methodologies used in social engineering:
Phishing occurs when deceptive emails, messages, or websites trick people into disclosing sensitive information.

Impersonation is the act of pretending to be a trusted entity in order to manipulate targets.

Pretexting: the creation of a false pretext or scenario in order to obtain information or gain access.

Baiting: providing something enticing in order to entice people to compromise their security.

Quizzes and Surveys: Using seemingly innocuous online quizzes or surveys to gather personal information.

How can we prevent it?

Verify Identity: Confirm the legitimacy of information or action requests.

Be skeptical: Be skeptical of unusual or unexpected requests, especially those urging urgency.

Educate yourself: To recognize potential threats, keep up-to-date on common social engineering tactics.

Use Multi-Factor Authentication (MFA) to increase the security of your accounts.

Personal Information: Be cautious when sharing personal information online.

As an example:
Aadhaar Scams: In India, scammers have used social engineering to impersonate government officials, claiming to help citizens with Aadhaar-related issues. They manipulate individuals into providing their Aadhaar details, leading to identity theft and financial fraud.