icon

Social Engineering

Last modified: 2024-02-08

Techniques

Phishing

Attackers may impersonate a legitimate company or website and steal account information by sending the victim an email with a link to a malicious site.

Vishing (Voice Phishing)

Attackers may ask for passwords directly from victims over the phone.

Smishing (SMS Phishing)

Attackers may use SMS to contact victims, pretending to be from a legitimate company, and redirecting them to a malicious site or installing an app.

Shoulder Surfing

Attackers may peer into the computer or smartphone screen from behind the victim's back and steal passwords.

Baiting

Attackers may persuade a victim to plug a malicious USB device into the victim's computer in order to steal personal information or corrupt the system.

Pretexting

Attackers may contact victims through social media and trick them into asking for their passwords.

Scareware

Attackers may unduly intimidate the victim into asking for information such as passwords to access the victim's data.

Trashing

Attackers may rummage through trash cans near the victim's home or workplace.


OSINT

  • Have I Been Pwned

    It checks if the email address or the phone number has been exposed.