According to wikipedia.org, “Social Engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme.”
Some say 60% of cyber attacks use social engineering to gain access to important data within corporations. Famous social engineers you may have heard about are Kevin Mitnick and Stephen Wozniak. These master-mind hackers used a variety of means to trick people into giving out their sensitive information like passwords, access codes, and more. Their social engineering skills are not related to how well they can program, but rather how well they connect themselves to people.
Watch this short eye-opening (and shocking) YouTube video about how social engineers can cleverly and quickly work to get your sensitive information: https://youtu.be/lc7scxvKQOo
Another common scheme includes a social engineer posing as a grandchild over the phone and calling a grandparent to request money for bail or some other emergency. They don’t say their name, but Grandpa and Grandma will give it away, for example:
- Hey Grandma, it’s me, your grandson. I need your help!
- Oh, is this Joe?
It’s so important to make sure you’re in control of what information you give out at home or at the office. Make sure no one else is giving it out on your behalf. And unless you are absolutely sure about the person you are speaking with, don’t give any answers right away. Instead, call them back or email them to verify who they say they are.