social engineering


Also found in: Dictionary, Acronyms, Wikipedia.

social engineering

(jargon, security)
A term used among crackers and samurai for cracking techniques that rely on weaknesses in wetware rather than software; the aim is to trick people into revealing passwords or other information that compromises a target system's security. Classic scams include phoning up a mark who has the required information and posing as a field service tech or a fellow employee with an urgent access problem. See also the tiger team story in the patch entry.

social engineering

Using deception to obtain confidential information from someone by phone or in person. For example, "social engineers" may persuade someone to reveal an ID or password for a supposed benign purpose ("my computer is down, can I use yours in the meantime"). They can even walk in off the street and pretend to be from IT doing a routine inspection.

Sometimes, a combination of social engineering and hacker skills are used to steal information. However, no matter how secure a network may be, the "con" played by the social engineer is often the most effective way to break in.

The Generic Meaning
Outside the computer world, social engineering means to influence attitudes and behaviors. See phishing, pretexting and shoulder surfing.
References in periodicals archive ?
Combining Barracuda's AI-driven protection against phishing and spear phishing with PhishLine's social engineering simulation and training platform gives customers comprehensive defense against email-borne targeted attacks and social engineering.
International Business Times spoke with Rachel Tobac to learn more about social engineering and trends like vishing, which refers to tricking individuals into revealing information over the phone similarly to phishing.
The South African Banking Risk Information Centre (Sabric) said that it is aware of a scam in which bank customers have lost money due to social engineering.
Social engineering works because it's easier for hackers to exploit the natural inclination to trust someone than to figure out a new way to access a computer.
The study "Using Social Engineering in Revealing Risky Electronic Accounts" was conducted by Hassan.
Consistent with the social engineering policy we announced in November, embedded content (like ads) on a web page will be considered social engineering when they either: pretend to act, or look and feel, like a trusted entity - like your own device or browser, or the website itself.
The ethical hackers should use tools and techniques the criminals use, including social engineering, so that corporate defenses can be shored up consistent with their risk exposure.
Businesses have often had little recourse for losses resulting from social engineering fraud.
8220;Businesses, government agencies, non-profits - any organization that is using social media to grow their influence and communicate with their stakeholders - are open to major risks if they aren't monitoring their social networks for suspicious and malicious activities like social engineering that can open the door to their security perimeter and enable a potentially devastating attack.
RBS is working alongside Get Safe Online, the government and private sector-backed information service on internet safety and security, and other UK banks to raise awareness of social engineering scams.
PEF director (CPDP) Bushra Saeed Khan and other concerned officers, including representatives of Social Engineering Consultants attended the meeting.
27 ( ANI ): The unusual single-letter Twitter handle `@N` has been reportedly given back to the original user after it was hijacked as part of an eye-opening social engineering scheme last month.

Full browser ?