One of your friends has recently been a victim of a social engineering attack since someone has stolen her username and password for accessing her work email.


1::Building systems that are easy to use for society.
3::It is a form of social deception focussed on information gathering, fraud, or system access.
2::Someone uses social networks for stealing personal data.

Social engineering has little to do with engineering in the traditional sense of building technological systems. In the context of security, it is a form of social deception, exploiting human weaknesses so as to psychologically manipulate people with the aim to information gathering, fraud, or system access (e.g. to fool someone into giving you his/her password).

 

This is the correct answer. Social engineering is indeed a complex form of social deception, exploiting human weaknesses so as to psychologically manipulate people with the aim to information gathering, fraud, or system access (e.g. to fool someone into giving you his/her password).

 

This is only partially correct. In the context of security, social engineering is a form of social deception, exploiting human weaknesses so as to psychologically manipulate people with the aim to information gathering, fraud, or system access (e.g. to fool someone into giving you his/her password). Of course, such an approach can be followed - amongst others – in the framework of a communication via a social network.

 


This name, ‘social engineering’ looks quite strange to you as it puts together engineering with social issues.

What does social engineering mean in a security context?