Social Engineering

Social Engineering & Its Sneaky Types

What is Social Engineering?

Social engineering is when attackers hack people instead of computers. Instead of breaking firewalls, they manipulate human psychology — things like trust, fear, urgency, or curiosity — to trick someone into giving away information, money, or access.

Think of it like con artists moving online: they use tech channels (email, phone, SMS, QR codes) but the real target is always the human mind.


Main Types of Social Engineering

📧 1. Phishing (Email Phishing)
  • How it works: Fake emails that look like they’re from banks, delivery companies, or work colleagues.

  • Goal: Steal logins, financial info, or install malware.

  • Red flag: Weird sender address, urgent tone, suspicious links/attachments.

📱 2. Smishing (SMS Phishing)
  • How it works: Scam texts pretending to be delivery updates, account alerts, or prize notifications.

  • Goal: Trick you into clicking malicious links or sharing codes.

  • Red flag: Shortened URLs or texts pushing “immediate action.”

📞 3. Vishing (Voice Phishing)
  • How it works: Scam calls or voicemails pretending to be banks, government, or tech support.

  • Goal: Get victims to share personal data, passwords, or transfer money.

  • Red flag: Caller insists you share codes/passwords or threatens consequences.

🔗 4. Quishing (QR Code Phishing)
  • How it works: Malicious QR codes on posters, flyers, or fake menus.

  • Goal: Send victims to fake websites or auto-download malware.

  • Red flag: Random QR stickers in public or codes promising huge discounts.

🎯 5. Spearphishing & Whaling
  • How it works: Highly targeted scams. Spearphishing is aimed at specific individuals; whaling is aimed at executives or “big fish.”

  • Goal: Gain access to sensitive systems or money transfers.

  • Red flag: Message contains personal info to seem legit, but bypasses normal procedures.

🎁 6. Baiting
  • How it works: Attackers leave “free” USB drives around, or post files online, with enticing labels.

  • Goal: Get users to plug in infected devices or download malware.

  • Red flag: Freebies that are too good to be true.
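
The phishing and smishing red flags listed above (odd sender address, urgent tone, suspicious or shortened links) can be checked automatically on the defender's side. The following is an added example, not part of the original page: the function names, word lists and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed lists for illustration; "short.example" is a constructed entry for the sample.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd", "short.example"}
URGENCY = re.compile(r"\b(urgent|immediately|suspended|verify now|final notice)\b", re.I)
LINK = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
SHOWN = re.compile(r"(?:https?://)?((?:[\w-]+\.)+[a-z]{2,})", re.I)

def domain(value):
    """Host of a URL, or the part after @ of an address, lower-cased, without 'www.'."""
    host = urlparse(value).hostname if "://" in value else value.rsplit("@", 1)[-1]
    return re.sub(r"^www\.", "", (host or "").lower())

def red_flags(raw):
    """Return the red flags found in one raw RFC 5322 message, in check order."""
    msg, flags = message_from_string(raw), []
    sender = domain(parseaddr(msg.get("From", ""))[1])
    reply = parseaddr(msg.get("Reply-To", ""))[1]
    # Weird sender address: replies are routed to a different domain than the sender's.
    if reply and domain(reply) != sender:
        flags.append("reply-to-mismatch")
    body = "".join((p.get_payload(decode=True) or b"").decode(p.get_content_charset() or "utf-8", "replace")
                   for p in msg.walk() if not p.is_multipart())  # decoded leaf parts
    # Urgent tone: pressure wording in the subject or body.
    if URGENCY.search(msg.get("Subject", "") + " " + body):
        flags.append("urgent-tone")
    for href, text in LINK.findall(body):
        host = domain(href)
        # Shortened URL: the real destination is hidden behind a redirector.
        if host in SHORTENERS:
            flags.append("shortened-url")
        # Suspicious link: the visible text names one site, the href goes to another.
        shown = SHOWN.search(text)
        if shown and domain(shown.group(1)) != host:
            flags.append("link-text-mismatch")
    return flags

# Constructed sample message (reserved .example domains), not taken from a real campaign.
SAMPLE = """\
From: "Example Bank Support" <support@examp1e-bank.example>
Reply-To: collect@mailbox.example
Subject: Urgent: your account is suspended
Content-Type: text/html; charset="utf-8"

<a href="https://login.portal.example/verify">www.bank.example</a>
<a href="https://short.example/a1b2">Track your parcel</a>
"""
```

Calling red_flags(SAMPLE) returns all four flags. These are heuristics for triage, so a flagged message still needs a human look and an unflagged one is not proven safe.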