ABSTRACT

This chapter examines a continuum of social engineering strategies, tactics, and motivations. Some social engineers are focused on short-term, hit-and-run attacks, while others are playing a long-term game. Social engineering is an age-old art, and that is reflected in the types of fraudulent schemes that keep recurring over a long period of time. The Securities and Exchange Commission focuses on fraud where social engineers specifically target investors. Representatives of binary options websites may use fictitious names and tout socially engineered credentials, qualifications, and experience. In a social engineering attack, an attacker uses basic human interaction to get a recipient of a message, posting, or advertisement to perform a desired action. Phishing is a form of social engineering that most often uses email, social media, or malicious websites to solicit personal information by posing as a legitimate, trustworthy organization.