Since the dawn of email, users have been warned against phishing scams — emails that claim to be from a source seeking your information for what they say is a legitimate purpose. This is a form of social engineering.
There are many ways in which a social engineer can get information from a victim. Phishing, hoaxes, shoulder surfing, and tailgating are all ways that social engineers can con people. Scammers use a trust factor in order to trick people into divulging information. Personalized messages, spoofed branding, social yellow journalism and security fear tactics are all used to engage computer users. Social engineers target everyone. Forty-eight percent of enterprises have been victims of social engineering attacks and 86 percent of IT and security professionals are aware of the risks of social engineering.
In this infographic, Veracode explores the strategies behind human hacking and what to look out for to avoid becoming the next victim.
Infographic by Veracode Application Security