Social engineering

Authored by: Abbas Moallem

Human-Computer Interaction and Cybersecurity Handbook

Print publication date:  October  2018
Online publication date:  October  2018

Print ISBN: 9781138739161
eBook ISBN: 9781315184319
Adobe ISBN:


 Download Chapter



Social engineering is “any act that influences a person to take an action that may or may not be in their best interest” ( 2017). “Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information” ( 2017). These deception techniques have been used throughout human history. They were used for financial gain, access to power, and spying on enemies and especially as war techniques for victory on the battleground. From olden times, there is the tale of Greeks using a Trojan horse to enter the city of Troy ( Encyclopedia Britannica 2017) and win the war. Also, we can refer back to Victor Lustig, the man who sold the Eiffel Tower in 1925 ( 2017). Certainly, all of history is full of examples of a human deceiving his/her fellow human. The most memorable films are where viewers find there to be a question of whether the character using deception is good or bad; there are certain moral claims that can serve to justify these otherwise illegal or illicit actions. One might remember the movie The Sting, directed by George Roy Hill (1973) telling the story of a young con man, in September 1936, seeking revenge for his murdered partner, who teams up with a master of the big con to win a fortune from a criminal banker or a more recent movie based on the true story of Frank Abagnale. He was one of the most famous impostors claiming to have assumed multiple identities. Catch Me If You Can, directed by Steven Spielberg (2002), tells the story of how Frank successfully conned millions of dollars’ worth of checks as a Pan Am pilot, a doctor, and a legal prosecutor. Social engineering, and deception techniques now possible with the digital age, have started new lives. There is now the story of Kevin Mitnick (Mitnick and Simon 2002), who used his sophisticated skills to worm his way into many telephone and cell phone networks and vandalize government, corporate, and university computer systems. Arrested in 1995 (BBC 2002), after five years in prison for various computer and communications-related crimes, he wrote about his experience and illustrated the massive scale of social engineering and the effect on the computer security system as a whole.

Search for more...
Back to top

Use of cookies on this website

We are using cookies to provide statistics that help us give you the best experience of our site. You can find out more in our Privacy Policy. By continuing to use the site you are agreeing to our use of cookies.