What is a social engineering attack?
Seen some scary headlines about a new “social engineering attack” doing the rounds but not sure what that actually means? Then you’re in the right place as we’ve created this guide to detail what the term means, and some quick tips on how to avoid falling victim to them.
The short version is that a social engineer attack is the point at which computer misuse combines with old-fashioned confidence trickery. Specifically, social engineering attacks are scams that exploit the most vulnerable part of any technical system: the user.
Social engineering attacks can be carried out via the web, email, phone, and SMS or instant messaging, or in person. They rely on deceiving a user into believing that the bad actor is an honest representative of, for example, Amazon or Microsoft for long enough to give the bad actor their login credentials, access to their computer, or money.
Social engineering attacks can take place in real time, with someone actively speaking to you on the phone or physically present at your office; asynchronously as through an exchange of emails with a bad actor pretending to be someone they’re not, or be a passive trap delivered via an email, a website, or even a physical USB drive.
Kaspersky Total Security – Now 60% off
Award-winning protection against hackers, viruses and malware. Includes, Free VPN, Password Manager and Kaspersky Safe Kids.
USE code: KTSQ210 to save an additional 10% on top of the already fantastic 50% discount
- CODE: KTSQ210
- 60% off
- £16 per year
Examples of social engineering attacks
Phishing, in which a bad actor sends out messages, often by email, designed to look like they’re from a legitimate company, with the intention of getting you to hand over your login details or authorise a payment are common example of social engineering attacks. They often do this by offering an irresistible, time-limited deal or threatening dire consequences (such as an imminent overpayment) to make the victim panic and rush to click…
