SOCIAL ENGINEERING
Social Engineering (Cybersecurity)
Social Engineering is a cyberattack technique that manipulates people into revealing confidential information instead of exploiting technical vulnerabilities.
Attackers target human psychology—trust, fear, urgency—rather than systems.
🧠 How Social Engineering Works
Attackers typically follow a process:
1️⃣ Research → Gather info about target
2️⃣ Build Trust → Pretend to be a trusted person
3️⃣ Exploit → Trick victim into sharing data
4️⃣ Exit → Use stolen information
💥 Common Types of Social Engineering Attacks
📧 1. Phishing
Fake emails pretending to be trusted sources.
Example:
“Your bank account is locked—click here to verify.”
📱 2. Spear Phishing
Targeted phishing aimed at specific individuals or companies.
📞 3. Vishing (Voice Phishing)
Attack via phone calls pretending to be IT support or bank staff.
💬 4. Smishing
Phishing through SMS messages.
🎭 5. Pretexting
Creating a fake story to gain trust.
Example:
Pretending to be HR or IT support.
🧲 6. Baiting
Offering something attractive (USB drive, free download) to trick victims.
👀 7. Shoulder Surfing
Stealing information by watching someone’s screen or keyboard.
🚨 Real-World Examples
Fake login pages
Fraudulent emails
Impersonation calls
Malicious links
#CyberSecurity
#SocialEngineering
#Phishing
#CyberAwareness
#InfoSec
#CyberDefense
#SecurityTips
#StaySafe