Social engineering is a type of attack that is used to exploit the user's trust or lack of knowledge in order to gain access to their system or personal information.
There are many different types of social engineering attacks, but some of the most common are phishing, vishing, and smishing.
Phishing is an attack where the attacker sends the user a fraudulent email that appears to be from a legitimate source, such as a bank or credit card company. The goal of the attack is to get the user to click on a link or open an attachment that contains malware or provides access to their personal information.
Vishing is a type of phishing attack that uses voice messages instead of emails. The attacker will call the user and try to get them to provide personal information or click on a link.
Smishing is a type of phishing attack that uses text messages instead of emails. The attacker will send the user a text message that contains a link or asks for personal information.
Other common social engineering attacks include baiting, pretexting, and shoulder surfing.
Baiting is an attack where the attacker leaves a USB drive or other type of storage device in a public place with malware or personal information on it. The goal is to get the user to plug the device into their computer in order to access the information.
Pretexting is an attack where the attacker uses a fake identity or story to get the user to provide personal information.
Shoulder surfing is an attack where the attacker watches the user enter their personal information into a computer or other device.
Comments