Social Engineering Attacks

Social Engineering attacks are based on the exploitation of someone's personality. There are various types of social engineering attacks; let's look at each of them and the principles of why they are effective:

  • Phishing and Spear Phishing: Phishing attacks are carried out by emailing someone telling them that their bank account needs updating, so they need to complete the attached form. Such forms ask for personal details that could later be used for identity fraud. Such emails often look as though they have come from a legitimate body, so users are fooled into carrying out the instructions they contain: Spear Phishing targets a group of people.
Figure 2: Phishing attack
  • Whaling: A whaling attack is a kind of ...

Get CompTIA Security+ Certification Guide now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.