Source language: English
Social engineering (computer security)
From Wikipedia, the free encyclopedia
Jump to: navigation, search
For a similar concept in a different discipline see Social engineering (political science).
Social engineering is the practice of obtaining confidential information by manipulation of legitimate users. A social engineer will commonly use the telephone or Internet to trick people into revealing sensitive information or getting them to do something that is against typical policies. By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes. It is generally agreed upon that “users are the weak link†in security and this principle is what makes social engineering possible.