The Art of Hacking Humans: Intro to

Social Engineering
Conclusion
Malicious individuals and entities have increasingly adopted electronic devices and
platforms as mediums for carrying out attacks and targets for their malicious goals. They
could also target these devices and platforms not as the end targets, but as a stepping
stone to achieve their dubious objectives. Targeting these devices and platforms is by no
means an easy task, and could require very expensive tools and scarce difficult to attain
expertise for attackers to be able to penetrate their targets, however, this bottleneck can be
side-stepped by targeting the weakest link as far as these devices and platforms are
concerned – that is the human factor. Human weaknesses can be easily exploited by
malicious attackers to achieve their malicious goals. Criminals and adversarial nation states
have found that it is cheaper, less complicated and safer to adopt social engineering to at
least initiate attacks.
Exploiting human weaknesses in order to achieve criminal or malicious objectives is
definitely not a new domain; it has been around from time immemorial. It is from these
previous techniques that modern day applications of social engineering evolved – the likes
of the “Spanish Prisoner”, “Letter from Jerusalem”, chain messages and other cons. These
cons of old have shown that human weaknesses can be exploited at any time and the
perseverance of the modern ones shows that technology is useless in protecting against
them if the protection is not in conjunction with strengthening the human factor against its
weaknesses, as you are as strong as your weakest link.
In order to be safe from the menace of social engineering, individuals and organizations
need to be aware of how it can be used to exploit them. If you are aware of threats against
you and how they manifest, that will make you well prepared for them and know how to
avoid falling victim to them. Organizations need to be constantly enlightening their
employees, partners and customers as regards social engineering to reduce their risk of
falling prey to the techniques, and individuals on their own part should also ensure they
learn about the techniques and how to avoid falling victim. It is unrealistic to think that
everyone can become 100% safe from social engineering as humans have weaknesses like
carelessness and forgetfulness; moreover even security experts sometimes get sloppy and
fall for the simplest social engineering tricks. Hence, the objective is to reduce the risk of
becoming victim to social engineering techniques to the barest minimum with enlightenment
and awareness.