Professional paper
Social engineering strategies: human as target
Miljenko Vrbanec
; Međimursko veleučilište u Čakovcu
Magdalena Zeko
; Međimursko veleučilište u Čakovcu
Abstract
Social engineering is the dominant method of data theft in today's technologically advanced society. These types of fraud target human weaknesses, not just technological vulnerabilities. The main goal of the attack is the theft of confidential information through psychological manipulation of users. This practice includes techniques such as phishing, vishing, smishing, baiting, and scareware. Phishing stands out as the most common method, involving fake messages with links to steal personal data. Attackers often use emotional manipulation, creating a sense of urgency or fear. Industrial espionage and identity theft are becoming more frequent, driven by the growth of digital marketing and online shopping. Sophisticated frauds targeting managers and corporate systems are also emerging. Prevention involves technical measures such as antivirus programs, firewalls, and security policies, but user education is crucial. Personal information should be carefully protected, and passwords should be changed regularly. Organizations need to combine physical security, access control, and layered defense to reduce risks. The national legal framework recognizes crimes against computer systems, and the new Cybersecurity Act requires risk management and incident reporting. A combination of technical protection and user awareness is key to combating social engineering attacks, thereby reducing potential damage to individuals and organizations.
Keywords
Social engineering, information manipulation, data theft, internet security
Hrčak ID:
328536
URI
Publication date:
19.12.2024.
Visits: 622 *