{"id":18193,"date":"2018-05-26T08:00:56","date_gmt":"2018-05-26T12:00:56","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=18193"},"modified":"2022-04-27T15:14:15","modified_gmt":"2022-04-27T19:14:15","slug":"social-engineering-isnt-about-making-friends-but-exploiting-your-trust","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/social-engineering-isnt-about-making-friends-but-exploiting-your-trust\/","title":{"rendered":"Social Engineering Isn\u2019t About Making Friends, But Exploiting Your Trust"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The art of hacking doesn\u2019t always involve an individual slouched over a keyboard frantically typing code to steal your data. Known as social engineering, this type of hacking can be more complex than attempting to break through security systems. By employing con games and psychological manipulation Instead, a hacker will try to break through your mind, gaining your trust in the process. <\/span><\/p>\n<p><span style=\"font-weight: 400;\">On February 15th, 1995, the FBI arrested the then infamous computer hacker, Kevin Mitnick. While Mitnick was detained <\/span><a href=\"https:\/\/www.justice.gov\/archive\/opa\/pr\/Pre_96\/February95\/89.txt.html\"><span style=\"font-weight: 400;\">for more advanced hacking schemes<\/span><\/a><span style=\"font-weight: 400;\">, he relied heavily on social engineering to obtain sensitive information from his victims. Flash forward to a fictional movie called Hackers &#8212; released in the same year &#8212; and the film\u2019s eerie opening scene shows the protagonist posing as an executive to extract information from an unaware security guard. A chilling example of social engineering caught on celluloid. <\/span><\/p>\n<p><b>Read More: <\/b><a href=\"https:\/\/www.psafe.com\/en\/blog\/5-things-can-prevent-phishing-scams-work\/\"><b>5 Things You Can Do to Prevent Phishing Scams at Work<\/b><\/a><\/p>\n<p><span style=\"font-weight: 400;\">Social Engineering is a tactic used before the days of computing but has rapidly evolved and become more sophisticated as the digital age emerged. Today, many individuals may be familiar with the term \u2018phishing,\u2019 an extremely prevalent form of social engineering in which a hacker impersonates a trusted person or entity, convincing someone to share valuable personal information.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can avoid social engineering by becoming familiar with the techniques involved and understand how a hacker might attempt to manipulate you for their own purposes. Here are the <\/span><a href=\"https:\/\/www.huffingtonpost.com\/brady-josephson\/6-principles-of-influence_b_7102348.html\"><span style=\"font-weight: 400;\">six fundamental principles of social engineering<\/span><\/a><span style=\"font-weight: 400;\"> laid out by Professor Robert Cialdini in his 1984 book, <\/span><i><span style=\"font-weight: 400;\">Influence: The Psychology of Persuasion<\/span><\/i><span style=\"font-weight: 400;\">:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400;\"><b>Reciprocity<\/b><span style=\"font-weight: 400;\"> &#8211; You\u2019re more likely to perform an action for someone if it\u2019s framed as returning a favor. Social engineers rely heavily on this emotional cue and the best defense is to carefully consider the information you\u2019re giving out &#8211; just because you owe someone a favor, don\u2019t give them keys to the castle.<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Commitment<\/b><span style=\"font-weight: 400;\"> &#8211; When an individual commits to an idea they are more likely to sacrifice in order to obtain a goal. For example, if you agree to work on a project with an individual and are asked to share sensitive information, your commitment to the person or project could convince you to hand over data &#8211; be aware of what you\u2019re providing and why.<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Social<\/b> <b>Proof<\/b><span style=\"font-weight: 400;\"> &#8211; This can be summed up by the old phrase \u201cMonkey see &#8211; monkey do.\u201d As social creatures, we\u2019re likely to follow what those around us are doing. If your coworkers in the office are unknowingly entering a sweepstakes scam, you\u2019re more likely to jump in and do the same. Don\u2019t forget to think for yourself and avoid the herd mentality &#8211; do your research!<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Authority<\/b><span style=\"font-weight: 400;\"> &#8211; <\/span><a href=\"https:\/\/nature.berkeley.edu\/ucce50\/ag-labor\/7article\/article35.htm\"><span style=\"font-weight: 400;\">Perceived authority is one of the major influences <\/span><\/a><span style=\"font-weight: 400;\">for social engineers to prey upon. The adherence to authority is commonly used in phishing scams. A hacker sends a phony email that appears to come from an authoritative entity like your human resources department, which can cause you to react and provide the requested information right away. However, the fake request can be more direct such as a \u2018supervisor\u2019 asking you for a password. When confronted with these types of emails, make sure to understand your company\u2019s security policies. In many cases, passwords shouldn\u2019t be handed to anyone, no matter the person\u2019s level of authority.<\/span><\/li>\n<li style=\"font-weight: 400;\"><b>Scarcity<\/b><span style=\"font-weight: 400;\"> &#8211; If the desired object is scarce, you\u2019re more likely to jump for it. These feelings point to historical research when early humans had to forage for supplies and food, often competing for minimal resources. Don\u2019t allow \u2018limited time offers\u2019 or \u2018act now\u2019 keywords influence you. Think before entering any personal information.<\/span><\/li>\n<\/ol>\n<p><span style=\"font-weight: 400;\">A final tip here is to always take a step back and not allow factors such as authority and commitment warp your judgment. Social engineering is a terrifying practice. Hackers aren\u2019t just attempting to break into our computers, but also manipulate our minds &#8211; the most private space of all. Understanding how social engineering techniques work is a head start in keeping yourself protected.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>As humans, we inherently want to trust others, but this is a factor that\u2019s taken advantage of by hackers using social engineering techniques to manipulate you.<\/p>\n","protected":false},"author":83,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[5],"tags":[259,218,358,545,249],"class_list":["post-18193","post","type-post","status-publish","format-standard","hentry","category-security","tag-hackers","tag-privacy","tag-protection","tag-safety","tag-security"],"_links":{"self":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/18193","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/comments?post=18193"}],"version-history":[{"count":2,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/18193\/revisions"}],"predecessor-version":[{"id":18329,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/18193\/revisions\/18329"}],"wp:attachment":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/media?parent=18193"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/categories?post=18193"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/tags?post=18193"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}