@geralt (CC0 license) / pixabay.com
In general, the basic idea of Social engineering from the field of philosophy. Karl Popper coined the term in 1945 and initially used it to describe the psychological and social elements of improving social structures. The principle of poppers is mainly based on the fact that people and machines can be improved. Therefore, in the 1970s, Popper’s successors added important psychological tricks to this assumption. However, the goal was not to steal the data – it wanted to encourage people to interact optimally and raise awareness of their health. This is manipulation – only that the goal is different. In general, social engineering is understood to be the deceptive type of unconscious influence.
What is social engineering?
In the field of social engineering, human characteristics such as helpfulness, fear, respect, or confidence in authority are used to manipulate others. In this way, cybercriminals deceive the victim, for example, into providing confidential information, bypassing security aspects, and installing malware on a private computer or a computer in the corporate network.
Social engineering in general is nothing new and has served as the basis for a variety of scams since people existed. However, in the age of digital communications in particular, there are new, highly effective possibilities for criminals with which they can influence millions of potential victims.
Even if this method remains true to its actual philosophical roots, the motivations of the social engineer have changed dramatically. Anyone who understands how others operate can carefully manipulate them with a little tact and at the same time criminal potential.
In general, it is important to know that attackers are making increased efforts to find their victims, that is, to find access routes and attack points.
Above all, profiles in social networks provide enough information to devise a suitable story for the victim. This forms the basis of a phishing attack.
The levers that attackers use against their online victims are above all else
• Take advantage of supposed empathy and attractiveness,
• An artificial scarcity of time for the recipient to make quick and uninformed decisions and
• Indication of a fictitious commitment on the part of the victims.
Protection from social engineering
Unlike most forms of data theft attacks, a company is at risk of social engineering if the network and all end devices and servers are fully and optimally secured by the security department.
The goal of social engineering is to exploit human characteristics such as those of technical weaknesses. Hackers often focus on reactions and characteristics such as help, curiosity, customer affection, and fellowship.
The main thing that helps against the emotional scams of data thieves is to educate people about the possible methods of social engineers.
It is also important to educate employees that digital identities can generally be forged if no technical measures control the identity.
“Certified tv guru. Reader. Professional writer. Avid introvert. Extreme pop culture buff.”