CSO Explainer: What is social engineering?

Animated example of some ways data thieves get to your data without hacking

Editor’s note: CSO is embarking on creating some new video animations that help explain security terms and concepts. The goal is not to explain something that you, the reader, are already likely to know, but rather to present these concepts in an easy-to-share format for employees to enhance awareness in the workplace, or even with friends and relatives (like your Uncle George, who may fall victim to one of these ploys). Let us know if there are some other security terms and concepts you’d like to see in animated form!

The following is a transcript of the video above.

Voiceover: When you hear the term social engineering, this is the security industry’s way of referring to a con or scam technique.

 It’s basically the art of gaining access to buildings, systems or data by exploiting human psychology, rather than breaking in or using technical hacking techniques.

 Famous hacker Kevin Mitnick helped popularize the term ‘social engineering’ in the 1990s, although the idea – and many of the techniques – have been around as long as there have been scam artists.

 But how does social engineering work? Here are some examples.

 In the office, a social engineer might lurk near a secure doorway with several boxes, and pretend they can’t reach their access card or key to get in. They’ll ask, “Can you hold the door for me?” and an unsuspecting office worker will let them in. The worker never realizes that they’ve just given a criminal access to their company’s office.

 On the phone, a social engineer calls employees and pretends to be the IT Help Desk, trying to trick workers into giving them their password.

 Social engineering is dangerous to corporate and personal data, because once a data thief has gained access, there’s no telling what they’ll do with it.

 So, how can you avoid becoming a victim of social engineering? First, be aware. Awareness of the types of ploys these criminals use is your Number 1 defense.

 Second, look around, pause and ask questions before doing or saying anything. If something doesn’t look or sound right, chances are you’re being played by a social engineer.
