The Art of Deception: Controlling the Human Element of Security
The Art of Deception: Controlling the Human Element of Security
On the Anatomy of Human Hacking
Information Systems Security
Gaining Access with Social Engineering: An Empirical Study of the Threat
Information Systems Security
Hi-index | 0.00 |
Social engineering is a methodology that allows an attacker to bypass technical controls by attacking the human element in an organization. There are many techniques commonly used in social engineering including but not limited to Trojan and phishing email messages, impersonation, persuasion, bribery, shoulder surfing, and dumpster diving. Hackers rely on social engineering attacks to bypass technical controls by focusing on the human factors. Social engineers often exploit the natural tendency people have toward trusting others who seem likeable or credible, deferring to authority or need to acquiesce to social conformity. Mitigation of social engineering begins with good policy and awareness training, but there are a number of other approaches an organization can take to defend against this type of an attack. Social engineering attacks are likely to increase, and it is becoming increasingly important for organizations to address this issue.