Services Portfolio Team Academy Blog Contact

Social Engineering: The Weakness Is Human, Not Technical

952 1 min

Hackers prefer to deceive people rather than find technical vulnerabilities — it's often easier. Social engineering is based on psychological principles: authority (trusting authority), urgency (rushing), fear, and reciprocity. Phishing is the most common: looks like a legitimate email, is actually fraud.

Spear phishing is a targeted attack with prior information gathering. Vishing is voice-based deception (a fake bank employee). Smishing uses SMS. Baiting exploits plugging in a found USB drive. Defence: employee training (the most effective measure), MFA, email filtering, a policy of verifying suspicious requests (even from internal addresses). Building a culture of "if it's suspicious — verify, then act."

Share