Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

social engineering

Abbreviation(s) and Synonym(s):

None

Definition(s):

  The act of deceiving an individual into revealing sensitive information by associating with the individual to gain confidence and trust.
Source(s):
NIST SP 800-63-2 under Social Engineering [Superseded]

  An attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks.
Source(s):
CNSSI 4009-2015 (NIST SP 800-61 Rev. 2)
NIST SP 800-61 Rev. 2 under Social Engineering
NIST SP 800-82 Rev. 2 under Social Engineering (NIST SP 800-61)

  A general term for attackers trying to trick people into revealing sensitive information or performing certain actions, such as downloading and executing files that appear to be benign but are actually malicious.
Source(s):
NIST SP 800-114 under Social Engineering [Superseded]

  The process of attempting to trick someone into revealing information (e.g., a password).
Source(s):
NIST SP 800-115 under Social Engineering

  The act of deceiving an individual into revealing sensitive information, obtaining unauthorized access, or committing fraud by associating with the individual to gain confidence and trust.
Source(s):
NIST SP 800-63-3 under Social Engineering