Social Engineering

Social engineering, in general terms, is an effort to influence the attitudes and behaviors of society. In the computing world, it refers to manipulating people into divulging personal information, typically over the Internet.

The most common method of social engineering is phishing, or the sending of fake emails. The perpetrator sends an email, claiming to be from a legitimate source, asking the user to share personal data, such as login information. For example, it may tell the recipient to update their username or password because of a security breach. The link within the email sends the user to a fake site, which captures the user's login information and any other personal information they enter.

▶ If you receive an email that seems suspicious, don't follow the instructions. You can hover over each link in an email to see the destination address. If the link does not point to a trusted domain name, don't click it.

Other social engineering methods include fake text (SMS) messages and phone calls. For example, a hacker might send you a text message saying you have won a prize, only to lure you into clicking a link and entering your bank account information. Someone might call you and tell you you're being investigated for fraud so that you will divulge your social security number.

It is important to be vigilant and aware of social engineering schemes in order to avoid them. If you can't verify the identity of a website or person asking for your personal information, don't share it.

Published: March 5, 2022