Full Program »
Social Engineering As The Art of Deception In Cyber-Attacks: A Mapping Review
Social engineering is the art of getting users to compromise information sys-tems, presenting itself as a novel deception strategy. Social engineers target individuals with access to information to manipulate them into disclosing sensitive data or even carrying out malicious attacks through influence and persuasion. These types of attacks have become the most significant cyber-security threats. This bibliographic review aims to analyze social engineering due to its impact on the productivity and efficiency of organizations, using deception and knowledge of human vulnerabilities to establish gaps in in-formation security and gain access to secure data. We conclude that social engineering acts based on human exposure through attacks in 4 clearly de-fined phases. These attacks can be classified, first, considering the target as humans and computers, and finally, according to how the attack is made, as social, technical, and physical.