ABSTRACT
Social engineering is a broad term that encompasses many types of scams—in both the virtual and the real worlds—including the more commonly known term phishing. Just as malware exploits software vulnerabilities, social engineers exploit human vulnerabilities to accomplish their goals. Social engineering is the art of manipulating people to reveal information or perform actions that are not in their best interest. In a manner reminiscent of Franks Abagnale’s exploits, malicious social engineers have used conventional phones, often posing as computer security experts. Social engineers are tactless predators often seeking to take advantage of people’s emotions and sympathy after tragic events. Unlike phishing, which is analogous to broadcasting a net for any sucker, spear phishing is a more targeted attack. Social engineers are very tricky, and the tactics they use purposefully exploit known human vulnerabilities.
