Social Engineering
Social engineering a method of fraud and hacking that utilizes the humanity and nature of people to retrieve information from them voluntarily. By playing into the nature of the person, hacking through technological means is sometimes not necessary. If one can fool a person into giving away information voluntarily, then creating a program or hack to retrieve that information involuntarily is no required. Furthermore, it can be much simpler and efficient to get information from someone through social engineering than it would ever be to steal that information via a computer program or password cracker.
This form of forcing users to disclose information must be done through some human means. The point of social engineering is to utilize the fallacies of human logic and biases to trick the target into revealing confidential information through various methods and tactics.
Tactics and Methods
There are various means of utilizing social engineering to obtain confidential and secret information such as passwords and private data. All of these methods work through some medium in which the attacker has to actually converse with the victim in some way, whether directly or indirectly. In all methods, feedback from the victim is required. This feedback is usually the necessary information the attacker was looking for.
Although social engineering tactics are heavily performed through electronic and computer mediums. There are many methods in which social engineering can be done through the physical realm. As long as there can be some form of communication between the attacker and the victim any medium may be used. Social engineering is so successful because it takes advantage of the fallacies of the human being. Whether by means of flattery, impersonation, and greed; social engineering is considered to some an art form of psychology.