Social Engineering Psychological Approaches
Several basic “principles” or reasons make psychological social engineering effective. These include authority, intimidation, consensus/social proof, scarcity, urgency, familiarity/liking, and trust. Table 2-6 uses these principles in a scenario of an attacker pretending to be the chief executive officer (CEO) calling the organization’s help desk to have a password reset. Create two additional scenarios, such as an attacker impersonating a help desk employee who wants access to an employee’s protected information, and create a dialog example for each of the seven principles.