Understanding Social Engineering
Social engineering is the practice of using primarily nontechnical means to get people to give up sensitive data or to perform actions they wouldn’t normally perform. A social engineer uses deception and fraud to trick or manipulate unsuspecting users.
EXAM TIP Although social engineering is a low-tech attack, it can still be a very effective method of gaining unauthorized access to an organization and the organization’s IT infrastructure.
At the core, social engineering uses different tactics to gain the confidence of people as part of a scam. As an example, an attacker may want to gain access to an organization ...