Social Engineering is a phrase that describes an attack vector designed to take advantage of the naiveté of computer users or deceives people into thinking a request for service or information is legitimate. Crackers, for example, could telephone an employee and represent themselves as being from the computer staff and attempt to gain confidential information. Mis-information, deceit and manipulation of the target business are the trademarks. The technique is simply fraudulent.
Its Relevance: All employees need to be aware of the nature of this attack vector. Most people want to be courteous and have a basic instinct to help others. An attacker uses this method to mislead employees who work in the system to take advantage of the good will of people. Some attacks are very sophisticated and based upon trusted relationships that took weeks or months to develop.
Return from "Social Engineering" to Words [S - U]