The New Explosion of Social Engineering: Defensive Techniques to Manage the Risk (2023)

By Abdul Saleem, Comcast India Engineering Center; Poornasakthi Sivaraman, Comcast India Engineering Center

Social engineering [SE] refers to the manipulation and exploitation of human psychology and behavior to deceive individuals or gain unauthorized access to sensitive information, systems, or physical spaces. It involves the use of psychological tactics and persuasive techniques to trick people into disclosing confidential information, performing actions that they wouldn't normally do, or granting access to restricted areas. SE techniques can be employed through various mediums, including in-person interactions, phone calls, emails, instant messaging, or social media platforms. The primary objective is to exploit human vulnerabilities, such as trust, helpfulness, curiosity, fear, or ignorance, to achieve the attacker's goals. SE is a deceptive and manipulative technique used by malicious individuals or attackers to exploit human psychology and behavior. It involves tricking people into divulging sensitive information, performing actions they wouldn't normally do, or granting unauthorized access to systems or physical spaces. Unlike traditional hacking methods that primarily focus on exploiting technical vulnerabilities, SE targets the human element, taking advantage of our natural tendencies and emotions. The core principle behind SE is the recognition that humans can be the weakest link in security systems. No matter how robust an organization's cybersecurity measures are, a skilled social engineer can find ways to bypass them by manipulating individuals through psychological tactics. By understanding human behavior, social engineers exploit factors such as trust, curiosity, fear, helpfulness, or ignorance to achieve their objectives. In this paper we will know about the SE attacks that depend on the attacker's ability to gather information about their targets through methods like reconnaissance, research, or social media profiling. This allows them to customize their approaches and make their attempts more convincing and effective. Awareness and education play a crucial role in defending against SE. Individuals and organizations should stay informed about common SE techniques, regularly update their knowledge of potential threats, and implement security measures such as strong passwords, two-factor authentication (2FA), and employee training programs. By fostering a culture of security awareness and vigilance, individuals and organizations can better protect themselves against SE attacks.

By clicking the "Download Paper" button, you are agreeing to our terms and conditions.

Similar Papers

THE WiFi Happiness Index
By Krithika Raman, Comcast India Engineering Center LLP; Charles Moreman, Comcast Cable
Scaling a SCTE-224 Policy Decision System to Accommodate Burst Loads Driven by Marquee Events
By Madhuvanth Gopalan, Comcast India Engineering Center; Timothy Wilson, Comcast Technology Solutions; Stuart Kurkowski, PhD, Comcast Technology Solutions
Software Reliability Engineering: Scaling the Cloud with Automation
By Brian Gray, Sriram Ramakrishnan & Fei Wan, Sr., Comcast Cable
Photon Avatars in the Comcast Cosmos: An End-to-End View of Comcast Core, Metro and Access Networks
By Venk Mutalik, Steve Ruppa, Fred Bartholf, Bob Gaydos, Steve Surdam, Amarildo Vieira, Dan Rice; Comcast
Two Years Of Deploying ITV/EBIF Applications – Comcast’s Lessons Learned
By Robert Dandrea, Ph.D., Comcast Cable
Traffic Engineering in a Fiber Deep Gigabit World
By John Ulm & Tom Cloonan, ARRIS
Case Study of Social Distancing on Mentorship Programs
By Andrew Frederick, Comcast
Traffic Engineering for Video-On-Demand Systems
By Bill Wall, Scientific-Atlanta
1985 NCTA Engineering Committee Subcommittee Annual Reports
By Robert A. Luff and Wendell H. Bailey, Jr., NCTA
Fundamental Relations In CATV Costs Engineering
By Argyle w. Bridgett, Argyle W. Bridgett and Associates
More Results >>