Social engineering is defined as “a manipulation technique that exploits human error to gain private information, access, or valuables. In cybercrime, these “human hacking” scams tend to lure unsuspecting users into exposing data, spreading malware infections, or giving access to restricted systems. Attacks can happen online, in-person, and via other interactions.” A more thorough definition can be found here. I’m not sure if we have hit peak social engineering yet but we are definitely headed in that direction.
Especially with the rise of artificial intelligence (AI), people can be so easily hacked, swayed, and manipulated that it is/will be difficult to tell what is real. I am particularly concerned about what election season will look like. Here’s some ways to become more aware of, and thus more resistant to, social engineering attacks:
- Read the fine print. This AI generated social influencer says right on her social media platforms that she is AI-generated yet people still believe she is real.
- Search “sneak in” on YouTube. Some of their social engineering tactics are quite impressive. This guy pretty much takes the cake for social engineering tactics taken to extremes.
- Here are several ways to avoid social engineering attacks: examples here, here, here, and here.
- Learn about ways that social media is used to manipulate you (or just avoid social media all together). Part 1 Part 2
- Realize that AI will allow social engineering attacks to escalate exponentially (examples here and here).
- Just as in the real world, situational awareness should be key. Don’t give out personal information and don’t react emotionally to a situation (use logic and suspicion about any unusual situation). You could even play with the trolls if you want to, examples here and here.
- If you run into an unusual situation, try Googling the details. Chances are there will be several (in many cases several hundred) pages of information pointing out that it is a common scam.