Skip to main content
Tech Radar
  • Tech Radar Pro
  • Tech Radar Gaming
Tech Radar Pro TechRadar IT Insights for Business
Subscribe
RSS
Asia
flag of Singapore
Singapore
Europe
flag of Danmark
Danmark
flag of Suomi
Suomi
flag of Norge
Norge
flag of Sverige
Sverige
flag of UK
UK
flag of Italia
Italia
flag of Nederland
Nederland
flag of België (Nederlands)
België (Nederlands)
flag of France
France
flag of Deutschland
Deutschland
flag of España
España
North America
flag of US (English)
US (English)
flag of Canada
Canada
flag of México
México
Australasia
flag of Australia
Australia
flag of New Zealand
New Zealand
Technology Magazines
Technology Magazines
Why subscribe?
  • The best tech tutorials and in-depth reviews
  • Try a single issue or save on a subscription
  • Issues delivered straight to your door or device
From$12.99
View
  • News
  • Reviews
  • Features
  • Expert Insights
  • Website builders
  • Web hosting
  • Security
Trending
  • Best standing desk deals
  • Best cloud storage 2023
  • What is Microsoft Teams?
  • Expert Insights

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

  1. Home
  2. Features
  3. Computing
Supported

Social engineering attacks: explained

By Rob Clymo
published 22 September 2022

Top tips and tricks to help fend off attacks by cybercriminals

In Association with

NordPass
A representative image of someone hacking online.
(Image credit: 123RF)

Social engineering attacks can encompass all sorts of malicious activities, which are largely based around human interaction. They can involve psychological manipulation being used to dupe people into making simple mistakes, which can often have wider repercussions. People might not immediately realize it, but successful social engineering attacks can be called upon to prize sensitive information out of an individual and, often, they may not even realize it’s happening. 

In order to do this, cybercriminals utilize a series of steps that are designed to home in on an unsuspecting person, first using a combination of investigative techniques in order to secure background information on the victim. Following on from that, the perpetrator will attempt to gain the potential victims trust, all the while hoping to catch them out and persuade the individual into giving away secrets about themselves, unwittingly or otherwise.

NordPass is a Top-Rated Password Manager

NordPass is a Top-Rated Password Manager
Our editors praise its accessible, competent, and easy-to-use solution. Techradar readers can get NordPass Premium for 55% off - plus 3 months free - by visiting NordPass.com.

View Deal

Techniques behind social engineering attacks

Criminals who carry out social engineering attacks use a variety of methods in order to get the information they’re after. They might use baiting, for example, in order to tempt an individual into trying their luck, perhaps by entering into an offer or the chance to win a prize. Sometimes the virtual carrot can be replaced by something physical, such as a hard drive that might be infected with malware, which can then be used to infiltrate a users computer.

Other common methods used by those carrying out social engineering attacks include a raft of phishing techniques that can include spam, spear and voice phishing along with the likes of SMS attempts. Search engine phishing and URL phishing are also popular routes taken by cybercriminals, while web browsing sessions can frequently be targeted by hackers too. 

Scareware is another route taken by cybercriminals, often meaning a potential victim could be persuaded to click on a pop-up telling them their computer may be infected This can happen when users go to websites that might be infected by malicious advertising, or via messages received through email accounts. Ultimately, the end game for social engineering attackers is to disrupt the victim by carrying out acts of sabotage, or to steal from someone by taking valuable assets such as information or access, as well as money.

Scams that can take time

Not all social engineering attacks happen quickly and, in fact, some attempts can use a full suite of techniques including preparation and infiltration, which can happen over a period of time, sometimes months. Scams can often be carried out via email or phone and even face-to-face in some instances. Little and often techniques can frequently persuade individuals to part with information about themselves or their affairs unwittingly, which allows cybercriminals to slow build up a bigger picture of the potential victim.

In some cases, victims can part with information without even realizing the person they’re dealing with is a criminal. They may be posing as an IT support person or helpline staff, which can often mean they will be able to persuade a potential victim to part with more information than normal. Social engineering attacks can be so well done that they generate a range of emotions in the victim, from fear to excitement, from curiosity and anger right on through to guilt.

Dealing with social engineering attacks

Cybercriminals have become so good at social engineering attacks that they can often be difficult to spot, even by people who might have been duped before. However, the good news is that there is plenty of help at hand for anyone wanting to minimize the threat of social engineering attacks. One of the best things to do initially is to familiarize yourself with the tell-tale signs of a social engineering attack.

It’s a good idea to have a mental checklist of things to work through before you respond to emails or messages, even if they’ve fired you up to make a rapid response. Try to keep a cool, reasoned head even if you’ve seen a message that might have stirred up your emotions. Does it appear to be legitimate? Is it really from a trusted sender, or does there seem to be something odd about the communication?

Pick through a few details before you do anything: have you been sent an offer that sounds amazing? Too amazing perhaps? Are there any attachments or spurious links that might need to be clicked on? It’s worth checking back through the email or text details very carefully before you proceed because you may well find something contained inside the information that doesn't look right, or doesn't quite add up.

Preventing social engineering attacks

By taking your time to carry out some double checks on anything you’re not sure about, you may well be able to prevent social engineering attacks. However, in addition it's a very good idea to get yourself the latest security software, as well as investing in a password manager. Arming yourself with an up-to-date package, and paying for one that also keeps itself updated as time goes on will help to lessen the risks.

You should also use multi-factor authentication where possible too, which is a great way of helping to lock down online accounts. In fact, create as many obstacles for cybercriminals as is possible. It might seem like a lot more effort, but getting into this mindset can help tackle cybercriminals and social engineering attacks head on. Think about fingerprint or facial recognition if it’s possible to set up, for example.

Finally, arm yourself with a paid-for password manager. There are free options available but these are not as good for obvious reasons. Password manager software is very affordable especially when you consider just how much time, hassle and money it could save you by helping to prevent attacks from cybercriminals. The same goes for investing in a virtual private network or VPN too, as this is a great way of keeping your information hidden down a private and encrypted tunnel.

Common sense techniques

Finally, spend some time thinking about how you use your connected devices. It’s easy to get lazy and leave your phone or laptop sitting around, or not bother to set up secure passwords. This is just the sort of thing cybercriminals are on the lookout for. Even if you’re diligent and use lots of the security techniques outlined above, it is still possible to get caught out. 

However, using a combination of careful thinking and some of the best security software you can afford, you’ll be in a much better place than trying to ignore the problem in the vain hope that it’ll go away. Just remember: it won’t.

We've featured the best business password managers.

TechRadar Pro created this content as part of a paid partnership with NordPass. The contents of this article are entirely independent and solely reflect the editorial opinion of TechRadar Pro.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
Rob Clymo
Rob Clymo
Social Links Navigation

Rob Clymo has been a tech journalist for more years than he can actually remember, having started out in the wacky world of print magazines before discovering the power of the internet. Since he's been all-digital he has run the Innovation channel during a few years at Microsoft as well as turning out regular news, reviews, features and other content for the likes of TechRadar, TechRadar Pro, Tom's Guide, Fit&Well, Gizmodo, Shortlist, Automotive Interiors World, Automotive Testing Technology International, Future of Transportation and Electric & Hybrid Vehicle Technology International. In the rare moments he's not working he's usually out and about on one of numerous e-bikes in his collection.

More about computing
Computex

Computex 2023: everything to know about the biggest computing event of the year

Aston Martin F1

How NetApp's superfast data skills are helping push Aston Martin F1 up the grid

Latest
Carlos Alcaraz of Spain plays a backhand

French Open live stream: how to watch Roland Garros 2023 for FREE online

See more latest ►
Most Popular
5 things I want to see on the rumored MacBook Air

By Michelle Rae UyMay 27, 2023

Turkey elections: will the internet withstand the final round?

By Chiara CastroMay 26, 2023

Check out my two favorite laptops from Acer’s Computex 2023 Announcement

By Muskaan SaxenaMay 26, 2023

Coral Island proved to me there is still plenty of space for farm sims

By Josephine WatsonMay 26, 2023

5 reasons Fortnite still vanquishes all the online pretenders

By James DalyMay 26, 2023

Final Fantasy 14’s latest patch is about refugees, trust, and found family

By Cat BussellMay 26, 2023

Lego 2K Drive puts Mario Kart to shame with its flair and originality

By Cat BussellMay 26, 2023

4 Bluetooth speakers to look for in the Memorial Day sales, for all budgets

By Matt BoltonMay 25, 2023

Alan Wake 2 was my big winner at the PlayStation Showcase – here’s why

By Rhys WoodMay 25, 2023

Feeling pumped after Arnie’s Netflix show FUBAR? Watch these 6 action comedies now

By Grace DeanMay 25, 2023

How to choose a mattress on Memorial Day

By Jim McCauleyMay 25, 2023

  1. A screen shot of the Live TV tab on Android TV
    1
    Android TVs are getting 800 free channels in a great free update
  2. 2
    You'll soon be able to create all kinds of documents in Google Docs - here's how
  3. 3
    Don’t panic: there’s a reason your iPhone’s battery is draining faster than usual
  4. 4
    Why I want Bose earbuds in the Memorial Day deals over Sony or AirPods
  5. 5
    Microsoft is finally introducing the feature that’ll make me upgrade to Windows 11
  1. Poster for Silo on Apple TV Plus
    1
    Apple TV Plus is now a sci-fi TV show utopia – here are 4 series you need to watch
  2. 2
    The latest iPhone 15 charging rumor sounds very un-Apple
  3. 3
    Amazon dunking on Netflix's password rules takes us back to PlayStation vs Xbox One
  4. 4
    Don’t panic: there’s a reason your iPhone’s battery is draining faster than usual
  5. 5
    Feeling pumped after Arnie’s Netflix show FUBAR? Watch these 6 action comedies now
Technology Magazines
  • ●
Technology Magazines
  • The best tech tutorials and in-depth reviews
From$12.99
View

TechRadar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

  • About Us
  • Contact Future's experts
  • Contact Us
  • Terms and conditions
  • Privacy policy
  • Cookies policy
  • Advertise with us
  • Web notifications
  • Accessibility Statement
  • Careers

© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.