Social Engineering Attacks
Jump to navigation Jump to search
Social engineering attacks encompass malicious activities accomplished through human interactions. They rely on psychological manipulation to trick users into making security mistakes or disclosing sensitive information.
- Baiting uses a false promise to arouse victims’ greed or curiosity to lure them into a trap for gathering their personal information or installing malware.
- Scareware inundates victims with false alarms about threats.
- Pretexting involves impersonating a person in a position of authority or familiarity and asking questions to confirm the victims’ identity.
- Phishing scams prod victims to reveal sensitive information, click on a link to a malicious website, or open an attachment that contains malware.
- 2013 Target Third-Party Breach (Phishing) 
- 2020 Twitter Bitcoin Scam (Pretexting, Baiting) 
- 2014 North Korea attack on Sony Pictures (Phishing)
- 2016 US Presidential Election Email Leak (scareware, spearphishing) 
- 2013 Yahoo Customer Account Breach (phishing email)