Social Engineering involves exploiting fear and emotion to trick someone into disclosing or grating access to private information. Below are 5 of the most common techniques.


Also known as B-phishing, baiting uses a false promise to pique a victim’s greed or curiosity. Users are lured into a trap that steals their personal information or inflicts their systems with malware. For example, people may click on an enticing ad that leads to malicious websites or encourages them to download a malware-infected application.


Also known as deception software or fraudware, these are malicious computer programs designed to trick users into buying and downloading unnecessary and potentially dangerous software. An example would be an offer in a spam email for fake antivirus protection.


Scammers use email, text, or phone calls to win trust and gain access to data and accounts under false pretexts. The scam is often initiated by a perpetrator who impersonates co-workers, police, or other officials, pretending to need sensitive information such as social security numbers or bank records in order to perform a critical task.


One of the most popular social engineering attack types, phishing scams are email and text message campaigns that employ trust, fear, and a sense of urgency to prod victims into revealing sensitive information, clicking on links to malicious websites, or opening attachments that contain malware.


This is a more targeted version of a phishing scam where an attacker chooses specific individuals or organizations to provide sensitive information. Perpetrators tailor their messages based on victims’ characteristics, job positions, and contacts to appear genuine and less conspicuous.