Overview
It is the manipulation technique that exploits human psychology and truck people into revealing confidential informations.
1. Common Types
Section titled “1. Common Types”1.1. Phishing
Section titled “1.1. Phishing”It happens where attackers send frauludent emails, text messages (smishing), or make phone calls (vishing) that appear to be from legitimate sources to steal data or install malware.
1.2. Pretexting
Section titled “1.2. Pretexting”The attacker creates an invented scenario or “pretext” to gain a victim’s trust and extract information. This involves impersonating an authority figure, such as an IT support or high-leval executive.
1.3. Bainting
Section titled “1.3. Bainting”Attackers lute victims with a false promise or desirable offer, like a free download or a malware-infected USB drive left in a public place, to access systems or information.
1.4 Qui Pro Quo
Section titled “1.4 Qui Pro Quo”An attacker promises a service or benefit (e.g., free IT assistance) in exchance for sensisitve information like login credentials.
1.5. Scareware
Section titled “1.5. Scareware”Victims are bombarded with alarming, fake messages about security threats (e.g., “Yout computer is infected with a virus!”) to pressure them into installing malicious software or paying a ransom.
1.6. Tailgating
Section titled “1.6. Tailgating”A physical security breach where an unauthorized person follows an authorized individual into a restricted area, often by exploiting social courtesy (e.g., asking someone to hold the door).
1.7. Business Email Compromise (BEC)
Section titled “1.7. Business Email Compromise (BEC)”A targeted attack where an attacker compromises os spoofs an executive’s email account to trick an employee into performing an unauthorized action, such as a wire transfer of funds.