Social Engineering

Abstract: The age old problem of social engineering is still a threat that does not receive due attention. Due to the advancements in information technology and the explosion of the Internet, attackers have many more avenues to pursue social engineering attacks. Inadequate efforts to educate employees and staff about social engineering and password management, inappropriate usage of messaging systems, poor implementation and awareness of security policies, all lead to people being exposed to potential incidents. This paper talks about social engineering and the new avenues that it has diverged into; and how social engineering plays a part in assisting other attack schemes. The paper first introduces the concept of social engineering It then looks at different attack methods that have proliferated due to the help obtained by social engineering schemes. Social engineering, both with its low cost and ability to take advantage of low technology, has taken its place in the information security literature as a very effective  form of attack

Keywords: Impersonating staff, Hoaxing, Creating confusion, Dumpster diving, Reverse social Engineering