Publication details

Home Publications Publication details

Social Engineering: Exploiting the Weakest Links
Papadaki M, Furnell SM, Dodge RC
Whitepaper, European Network & Information Security Agency (ENISA), October, 2008
Links:  External link available

Social engineering refers to techniques that exploit human weaknesses and manipulate people into breaking normal security procedures. From the available evidence, it is clear that the scale and sophistication of related attacks are increasing, with evermore avenues being exploited to reach users (including email, instant messaging, and social networking sites).

Successful social engineering can be seen to rely upon a number of factors, including a convincing pretext for contacting the target, potentially accompanied by a degree of background research and/or the exploitation of current events. In addition, attackers are readily able to exploit psychological factors and human behaviour, as well as users‘ (mis)understanding of the technology that they are required to use.

Papadaki M, Furnell SM, Dodge RC