• Uncategorized

Social Engineering


Inthe modern world, both the intruders and the hackers are ever on themove to come up with advanced techniques to access informationresources that are valuable to organizations and individuals. Theymaliciously use the information they get for selfish and personalgain. This data is accessed because of the good openings that makethe platforms vulnerable to attacks. In most cases in fact, moreoften than anyone can imagine, they break through to the data systemsdue to some human behaviors, like overly trust. People tend to trustothers to the extreme while others are just ignorant about theimpacts of carelessness with information. Social engineering is oneof the arts that make use of the errors and human weaknesses to breakinto most systems regardless of the measures that have been put inplace to offer security checks through software and hardware. Infact, the vital security block to any information is the human personand once duped then it means that all the channels are open for thehackers to take charge. Social engineering is a vice that is takingroute in the contemporary society and the fact that it hasdebilitating impacts, makes it a contentious topic of discussion.


Itis an art that makes use of human behavior to break into personal orcorporate information system without the realization of the victimthat indeed he has been manipulated (Thompson, 2012). Although thetechniques employed in standard hacking have been in use for sometime now, the aspect of social engineering has taken an entirelydifferent route. Researchers have argued that the transformation hasbeen essential since the current generation is technologically savvyand even the younger members are brought up in an environment that istechnologically conscious making the traditional methods obsolete andunfruitful.

SocialEngineering and Technology

Technologymakes things much easier and fun for a social engineer. In mostcases, the malicious appeal is always from a computer or andelectronic gadget that the victims believe that they can easilyidentify. However, to spoof a name of a computer, network, emailaddress or fax number can be a very easy thing to experts.

Theuse of technology often deceives individuals. For instance, they aresent an email asking them to provide crucial information. The emailusually gives the victim a link directing them to a website that hasa professional and legitimate outlook. The site then updates theaccounts data like the personal IDs, passwords, and the securitynumbers (Heartfield et al, 2015). Besides, they also use social mediaplatforms like Facebook and MySpace. Some Spam and phishing textsalso employ this trick. Several users are overwhelmed by the numberof the spam messages and other unnecessary emails to the extent ofloosening their guard and end up opening the attachments that theyare not supposed to open. The fact that the messages always have aformal and believable outlook lures the victims to disclose the vitalinformation that they should not even give out at gunpoint.

Thedeceits also occur when the hackers have already hacked into themainstream network and sent random messages or feign pop-up windowson the internet. Such tricks have used instant emails and mobilephone messaging.

Severalincidents have been reported in which cyber criminals sent emails tounsuspecting people of a patch which they alleged that it was fromMicrosoft and a big vendor. According to the victim`s mentality, whenit resembles then it is the right duck. Unfortunately, in this case,it was not the right one. The message originated from a hacking sitewhich had the intentions of installing the patch and gaining accessto computers and networks using the Trojan-horse, key logger(Hartman, 2013).

Proand Cons of

Thesafety of information is the backbone of any organization that wishesto continue running its business evenly. In case the data structuresare not on the priority of the firm, more so in the contemporarysociety where crime is the order of the day then even a small openingin the background is enough to pull the whole firm down. Socialengineering being a social vice itself does not have any advantagerather than the unlawful acquisition of information by the intruders.

Onthe downside, social engineering has resulted in punitive financiallosses in companies and individuals (Freilich et al., 2015). In fact,the losses have been massive to the extent of insurance agencieschipping in to cover losses arising from the security cracks.

Anotheraspect that can be soiled is the organizations or the individual`sreputation and general goodwill. This condition can mostlydestabilize the firm or a person in the long run. For instance,malicious people can obtain the information on the credit cards andget by the online merchants from their clients. Once the customersrealize that their credit information was compromised at some point,they stop the business transactions with the vendor since they willconsider the site insecure.


Undeniably,social engineering comes along with several vices that negativelyimpact the society. From the discussion, it is evident that socialengineering is geared towards accessing vital information withoutapplication of technical expertise. Failure to eliminate it hasresulted in massive losses. Organizations should, therefore, striveto implement comprehensive security strategies to reduce and removethe impacts of the vice.


Freilich,J. D., &amp Newman, G. R. (2015). Transforming piecemeal socialengineering into &quotgrand&quot crime prevention policy: toward anew criminology of social control. Journalof Criminal Law &amp Criminology,105(1),203-232.

Hartman,A. (2013). “A Trojan Horse for ”: TheCurriculum Wars in Recent American History. Journalof Policy History,25(1),114-136.

Heartfield,R., &amp Loukas, G. (2015).A Taxonomy of Attacks and a Survey ofDefence Mechanisms for Semantic Attacks. ACMComputing Surveys,48(3),37:1-37:39.

Thompson,S. C. (2012). Helping the Hacker? Library Information, Security, and.Information Technology &amp Libraries,25(4),222-225.