Social engineering

Jan Willem Bullée*, Marianne Junger

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingChapterAcademicpeer-review

Abstract

Social engineering is the usage of social manipulation and psychological tricks to make the targets assist offenders in their attack. Among computer scientists, social engineering is associated with calling a target and asking for their password. However, this threat can manifest itself in many forms. In this chapter, four modalities of social engineering (i.e., voice call, email, face-to-face, and text message) are discussed. We explain the psychological concepts that are involved in social engineering. Including (i) why do people get victimized and (ii) how do offenders abuse the flaws in human reasoning. A series of field studies illustrates the success of social engineering. Furthermore, which group is most vulnerable to social engineering and to what extent do interventions counter the attack? Finally, we discuss some difficulties in investigating social engineering and conclude with some suggestions for future research.

Original languageEnglish
Title of host publicationThe Palgrave Handbook of International Cybercrime and Cyberdeviance
EditorsThomas J. Holt, Adam M. Bossler
PublisherPalgrave Macmillan Ltd.
Pages849-875
Number of pages27
ISBN (Electronic)9783319784403
ISBN (Print)9783319784397
DOIs
Publication statusPublished - 6 Jun 2020

Keywords

  • Awareness
  • Cognitive bias
  • Deception
  • Fraud
  • Intervention
  • Manipulation
  • Phishing
  • Scam

Fingerprint Dive into the research topics of 'Social engineering'. Together they form a unique fingerprint.

Cite this