Types, Impacts, Attacks and Examples of Attacks of Social Engineering (Essay Sample)

Assignment Title: Social engineering
Introduction
Social engineering represents a threat to both the individuals and the state as a whole. It refers to a situation where a person manipulates others or a group of individuals to get sensitive and confidential information from them. A good example is a person using various methods to cheat you so that you can unknowingly provide them with your email password or the pin to the bank account. Some of them can trick you so that they can install malware on your computer and the malware can allow them to access critical data from you. The key reason why attackers prefer to use this approach is that it is easier to use compared to the other methods (Luo et al, 2013). They can exploit trust developed between them and their victim and get the information they want. Getting information may be very hard so they prefer involving their victims to make the work easier.
Discussion
Various types of social engineering exist. However, fundamental characteristics common to all of them is that they aim to achieve a common goal, always known to the attacker. Their goals are not God and negatively affect their victims. One type of this attack is phishing. This attack depicts social engineering attacks aimed at their victim. The main avenue of this attacks is websites, email or other social sites. The attack appears to emanate from people we know, or we trust (Dadkhah et al, 2015). Such attack could come from organizations such as banks which we trust. The message instils fear to the victim, a move that makes them give away their sensitive data unknowingly. Another form of this attack is Baiting. Despite the fact that this attack appears similar to the phishing, it is different. In this type of attack, the attacker presents something attractive or enticing to make them give away their secret data. For example, the attacker may intentionally leave a nice flash disk at the desk of the victim. The victim may get curious to know what the disk contains and when they plug it in their computer, it installs malware that helps the attacker get vital information.
Another type of attack is Quid pro-Quo attack in which the attacker presents the victim with an offer too sweet to reject. For example, they may provide free technical assistance for a firm and in the process get access to vital data from the company. Pretexting is another form of attack where the attack relies on trust between the victim and the attacker. The attacker may also impersonate themselves for example as a heat of an IT support department. They may send attachments as legitimate managers, and when an employee opens it, they may install malware on the company computers withou