Secure your small business:
Apps → Data →

Social Engineering

Social Engineering refers to any method of gaining illicit access to secured systems that relies not on technical skill, but rather on social and interpersonal skills for its success.

In practice, most social engineering "attacks" involve using misinformation or misdirection to cause people in positions of authority or responsibility to mistakenly provide attackers access.

At one end of the spectrum, phishing is a kind of high-volume social engineering attack with which most contemporary users are familiar. In phishing, a malicious actor impersonates someone else in an email, relying on brand recognition and authority to fool users into clicking on links to malware or to similarly false websites where they unknowingly surrender their credentials. Phishing uses no special technical methods at all, but rather is simply a matter of fooling credulous users.

At the other end of the spectrum, individual impersonations by telephone are a classic form of social engineering in which a malicious actor calls a help desk or other privileged party within an organization, often claiming to have been referred by a colleague or to be a user who has been locked out of their account. With the right manner, background knowledge, banter, and congeniality, the helpdesk worker or privileged party can often be fooled into granting access or providing secure credentials, which they imagine will help someone out. Instead, by providing access, they have enabled a malicious actor to enter a secured system without applying any particular computing techniques whatsoever.

2FA/MFA Rapid Reference

Authentication at a glance

Download the 2FA/MFA Rapid Reference now:

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms

 

2FA/MFA Rapid Reference

  • 2FA and MFA basics and common solutions
  • The benefits and drawbacks of each
  • Glossary of authentication terms
Save PDF  

Downloadable References

PDF
Sample, shareable addition for employee handbook or company policy library to provide governance for employee AI use.
PDF
Generative AI is exploding, but workplace governance is lagging. Use this whitepaper to help implement guardrails.
PDF
Cheat sheet for basics to stay secure, their ideal deployment order, and steps to take in case of a breach.
PDF
Real-time, continuous authentication using behavioral biometrics and machine learning.
 
 
 
 
 

Subscribe to the newsletter for Plurilock and cybersecurity news, articles, and updates.

You're on the list! Keep an eye out for news from Plurilock.