Cybersecurity

Social Engineering

Information security is not just focused on technical attacks on computer systems. Many malicious attackers use social engineering techniques as well. Social engineering refers to the “psychological manipulation of people into performing actions or divulging confidential information.”

The most commonly known social engineering tactic is to masquerade as an official representative of an organization and ask or demand confidential information. This is called phishing.

However, there are many other types of attacks that rely on manipulating people into believing something false or not entirely true. Most of these rely on the use of malware (malicious software).

Some examples include:

  • Viruses/Worms
  • Botnets
  • Keyloggers
  • Backdoors
  • Trojan Horses
  • Time Bombs
  • Spyware

Exercise

Select, research, and report on one of these examples of malware. Include the following information in your report:

  • What is your chosen malware?
  • How does it work?
  • How does social engineering figure into its distribution (i.e., what is misleading about its installation or use)?
  • What are some real-world examples?
  • How is it prevented and/or removed?