Home : Internet Terms : Social Engineering Definition

Social Engineering

Social engineering, in the context of computer security, refers to tricking people into divulging personal information or other confidential data. It is an umbrella term that includes phishing, pharming, and other types of manipulation. While "social engineering" may sound innocuous (since it is similar to social networking), it refers specifically to malicious acts and is a topic all Internet users should understand.

Unlike hacking, social engineering relies more on trickery and psychological manipulation than technical knowledge. For example, a malicious user may send you a "phishing" email that says you need to reset your username and password for a specific website. The email may appear to be legitimate, but if you click the link in the message, it may direct you to a fake website that captures your information.

Another common type of social engineering uses false alerts on websites. For example, when you open a webpage, you might receive a message saying your computer has a virus and you need to download a specific program or call a phone number to fix it. In most cases, these alerts are auto-generated and are completely false. If you follow the instructions in the alert message, you may end up downloading spyware or giving away personal information over the phone.

Social engineering may also take place through social media. For example, malicious users may post public messages on sites like Facebook and Twitter that lure people into sharing personal information. Common example include false giveaways and prize alerts. In some cases, social engineers will even build relationships with others using online chat or private messaging before convincing them to divulge confidential data.

While most Internet users do not harbor malicious intent, social engineering is an unfortunate reality of the Internet. Therefore, it is wise to be skeptical of any message, email, or website that asks you to share personal data — especially if the request is from an unknown source. You can often verify the legitimacy of a message by checking the domain name of the website or contacting the author of the message. If you cannot verify the origin of a request, do not follow the instructions. By recognizing fake messages on the Internet, you can avoid being a victim of social engineering.

Updated: August 20, 2016

Cite this definition:

https://techterms.com/definition/social_engineering

TechTerms - The Tech Terms Computer Dictionary

This page contains a technical definiton of Social Engineering. It explains in computing terminology what Social Engineering means and is one of many Internet terms in the TechTerms dictionary.

All definitions on the TechTerms website are written to be technically accurate but also easy to understand. If you find this Social Engineering definition to be helpful, you can reference it using the citation links above. If you think a term should be updated or added to the TechTerms dictionary, please email TechTerms!