Term:Social Engineering

From FISMApedia
Jump to: navigation, search

GAO-09-232G

Social Engineering - A method used by hackers to obtain passwords for unauthorized access. For example, a hacker may call an authorized user of a computer system and pose as a network administrator to gain access.

NIST IR 7298

Social Engineering - An attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks. SOURCE: SP 800-61

NIST SP 800-114

Social Engineering - A general term for attackers trying to trick people into revealing sensitive information or performing certain actions, such as downloading and executing files that appear to be benign but are actually malicious.

NIST SP 800-115

Social Engineering - The process of attempting to trick someone into revealing information (e.g., a password).

NIST SP 800-116

Social Engineering - A process or technique, similar to a confidence game, used to obtain information from a person without raising suspicion.

NIST SP 800-61r1

Social Engineering - An attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks.

NIST SP 800-61

Social Engineering - An attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks.

NIST SP 800-82 Final Draft

Social Engineering - An attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks. [NIST SP 800-61, Computer Security Incident Handling Guide, January 2004.]

NSA IATF 3-1

Social Engineering - An attack based on deceiving users or administrators at the target site and is typically carried out by an adversary telephoning users or operators and pretending to be an authorized user, to attempt to gain illicit access to systems.