22 July 2021 / Facts

What is social engineering?

Every phishing attack has the same basis: 'social engineering'. What is it, how do you recognize it and how do you protect yourself from it? And what does Leonardo DiCaprio have to do with it?

Social engineering is an umbrella term that designates all techniques used to psychologically manipulate people. Its purpose is to get someone to disclose sensitive information or to perform certain actions. Almost every form of phishing relies on social engineering.

Hackers use social engineering to gain access to sensitive information such as passwords, PIN codes, confidential documents, etc. They play on the victim's feelings by pretending to be someone in charge, by applying pressure or by arousing pity.

Types of social engineering

There are several types of social engineering. The hacker may contact you directly by phone (vishing), posing as a help desk employee who needs your password to solve a problem. This can also be done via email (phishing) or text message (smishing).

Often the hacker has made up a pretext, a scenario that explains why they are asking for your data. The scenario exploits the victim's feelings, for example fear of being fired. Another example is dumpster diving, through which hackers try to obtain hard drives or paper documents by snooping around offices or dumpsters. They then use the specific information they found to attack or phish the victim in a more targeted way.

Social engineering case studies show that in the U.S. more than $4 billion in cybercrime losses were reported to the FBI in 2020. A little closer to home, Dutch webshop bol.com was scammed in 2019 by someone posing as an employee of another company, Brabantia. In an email, they asked bol.com to transfer the money into another bank account from then on. Bol.com deposited over 750,000 euros into the scammer's account before a real Brabantia employee asked why their bills had not been paid yet. Another example of such scammers is Leonardo DiCaprio. No, not the real one of course, but his portrayal of the infamous social engineer Frank Abagnale Jr., whom you can see at work in Catch Me If You Can, which is based on a true story.

How can you recognize it?

Social engineering can have a big impact. One innocent-looking email or document lying around and you could lose millions of dollars or your identity just like that. It is therefore important to recognize and avoid instances of social engineering as quickly as possible. If you are asked for personal information and put under pressure, check whether the email address or telephone number is official. Also, don't leave confidential documents lying around.

How can you protect yourself?

Be careful and be critical of each email, text, phone call... Of course, that is easier said than done. Phished can help you with this. Through our tailor-made simulations you will learn to recognize the characteristics of phishing emails. You will get tips on how to protect yourself against all kinds of social engineering and thanks to our Phished Academy you will become an expert in cybersecurity through playful quizzes and training.