Summary 📝

Social Engineering Threats

Social engineering is when attackers trick real people into revealing secret information rather than breaking into a system with software. It covers key methods: 

blagging (also known as pretexting), 

phishing, and shouldering (or shoulder‑surfing)

Blagging uses a made‑up story to convince someone to share private data, phishing involves fake emails or messages posing as trusted sources to lure users into revealing logins, while shouldering means secretly watching someone type a PIN or password. 

Key learning Points 📌

• Social engineering: attackers trick people instead of hacking software.

• Blagging (pretexting): using a made‑up story to gain trust and extract confidential details.

• Phishing: sending fake emails or texts that appear genuine to steal personal credentials.

• Shouldering (shoulder‑surfing): watching over someone’s shoulder to see PIN or passwords.

• Why it works: attackers exploit human trust, curiosity, helpfulness or pressure.

• Protection: stay alert, verify identities, don’t share information easily, cover screens at cash‑points, question suspicious messages