IT Department, Institute of Information Technology and Management
Online published on 15 June, 2017.
The term “social engineering” (SE) has gained wide acceptance in the Information Technology (IT) and Information Systems (IS) communities as a social/psychological process by which an individual (called attacker) can gain information from an individual (called victim) about a sensitive subject. This information can be used immediately to by-pass the existing Identification-Authentication-Authorization (IAA) process or as part of a further SE event. Social engineering methods are numerous and people using it are extremely ingenious and adaptable. Nonetheless, the field is new but the tactics of the attackers remain same. Therefore, this paper provides an overview of the current scenario in social engineering and the security issues associated with it.
Cyber security, risks, hacking, social engineering