Understanding Social Engineering

Social engineering is the practice of using primarily nontechnical means to get people to give up sensitive data or to perform actions they wouldn’t normally perform. A social engineer uses deception and fraud to trick or manipulate unsuspecting users.

imageEXAM TIP Although social engineering is a low-tech attack, it can still be a very effective method of gaining unauthorized access to an organization and the organization’s IT infrastructure.

At the core, social engineering uses different tactics to gain the confidence of people as part of a scam. As an example, an attacker may want to gain access to an organization ...

Get SSCP Systems Security Certified Practitioner All-in-One Exam Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.