Social engineering definition
Social engineering is a psychological manipulation technique that cybercriminals use to get people to give away confidential information or perform a certain action. Trust, stress, and greed are natural feelings that social engineers use against people to cloud their judgment.
See also: CEO fraud
Social engineering attack cycle
- Preparation. The attacker gathers data on their target.
- Infiltration. The attacker initiates contact with their victim, establishes a relationship, and begins to build trust.
- Exploitation. Once the relationship is strong enough, the attacker makes their move — asks for money, installs malware, steals login credentials, or performs some other action.
- Disengaging. After the attacker gets what they want, they will cut off all communication and disappear.
How to protect yourself from social engineering attacks
- Educate yourself on different methods cybercriminals use to trick people.
- Check the identity of anyone who’s contacted you online — even double-check with your friends or coworkers if their request seems out of the ordinary.
- Limit the information you share about yourself and your work online.
- Use a VPN to improve your security and privacy online.
- Use additional security software to stay safe online — like NordVPN’s Threat Protection Pro feature.
