5 Ways Social Engineers Crack into Human Beings
Social engineering is…
the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes .
A “phishing” email is one of the most common and effective types of social engineering attacks.
Social engineers leverage the following human traits to exploit their targets:
1| Humans are trusting
Social engineers (SEs) use specific strategies for establishing trust and familiarity. Once they have established a rapport and a positive first impression with their target, it is much easier to successfully request information or access to sensitive personal or organizational assets.
2 | Humans want to be helpful
SEs make the target feel as if they are doing something altruistic. Sympathy can be a powerful behavioral motivator for highly agreeable people, and SEs know that their storylines can be powerful tools for garnering sympathy.
3 | Humans fear authority
Fear is one of the largest motivators in social engineering. Fear is handled and processed by the amygdala, as are all emotions before the rest of the brain takes over. When the amygdala is hijacked there is no other processing in the brain – which means decisions will be made with emotion and not logic. Recent phishing tactics have capitalized on COVID-19.
4 | Humans are optimistic
Research indicates that optimistic bias can make people believe that they are less vulnerable than others to online risks associated with privacy. SEs understand and capitalize on the fact that people are typically not in a defensive mindset; they are not expecting to be taken advantage of or manipulated.
5| Humans are honest
Humans will naturally correct false statements and this is often how SEs exploit honesty. People will verbally correct a complete stranger. For example, to obtain a birthdate, SEs utilize this trait by presenting incorrect birthday month or date and the target will instinctively correct them.
For more info, check out Joan Goodchild’s article on the subject by clicking here.
You must be logged in to post a comment.