Definition[edit | edit source]

An email social engineering attack

involves prompting the user to open an attachment or follow an unsolicited link. When the file or link is opened, the system becomes directly infected with malware or is subjected to exploits attempting to install malware.[1]

Overview[edit | edit source]

These attacks are commonly combined with phishing attacks that attempt to coerce the user into providing sensitive information.[2]

"Social engineering attacks rely on the interaction between an attacker and an employee interaction that often takes advantage of an employee's willingness to assist a seemingly harmless individual — to gain access to important agency information assets."[3]

References[edit | edit source]

See also[edit | edit source]

Community content is available under CC-BY-SA unless otherwise noted.