Do you know what social engineering is?

Social engineering is any act that influences a person to take an action that may or may not be in their own interests. It can also be considered as the art and science of getting people to comply with your wishes.  

 As a process, social engineering starts with reconnaissance. It doesn’t always have to be bad, but in the case of cybercrime, attackers gather as much information as they can about the target using OSINT techniques as well as HUMINT sources. Before launching the final attack, the assailants first move on to the pretext development stage, which includes exploring scenarios to facilitate access. Afterwards they move to attack preparation such as developing and finalizing the attack plan. At the end, the final attack is launched. 

There are four main attack vectors for social engineering you should know about: 

  • Phishing: Phishing is a type of an online attack where criminals communicate with their intended victim by email. 

  • Smishing: Smishing is a type of online attack where criminals communicate with such an intended victim by SMS. 

  • Vishing: Vishing is a type of online attack where criminals communicate with the intended victim by voice or phone call. 

  • Impersonation: Impersonation is a type of offline attack where attackers impersonate someone.

To protect yourself from this kind of attacks, follow our recommendation and register for the "Digital Safety and Security Course":

Here you can view the EFF Guidelines we mentioned above: