Category

Social engineering (security)

phishing
Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim navigates the site, and traverses any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the Federal Bureau of Investigation's Internet Crime Complaint Center reporting more incident
fake news
false or misleading information presented as news
Trojan horse
type of malware that pretends to be a legitimate program
cyberwarfare
Cyberwarfare specialists of the United States Army's 782nd Military Intelligence Battalion (Cyber) supporting the 3rd Brigade Combat Team, 1st Cavalry Division during a training exercise in 2019
social engineering
information security concept: psychological manipulation of people into performing actions or divulging confidential information
blackmail
Blackmail is a criminal act of coercion using a threat.
advance-fee scam
type of fraud where the victim unknowingly engages in one-way trade with the perpetrator
cyber espionage
act of obtaining secrets and information using methods on the Internet, networks or individual computers
clickjacking
In a clickjacking attack, the user is presented with a false interface, where their input is applied to something they cannot see. Clickjacking (classified as a user interface redress attack or UI redressing) is a malicious technique of tricking a user into clicking on something different from what the user perceives, thus potentially revealing confidential information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including web pages.
scareware
Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software (or other products). Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software that tricks users into believing their computer is infected with a virus, then suggests that they download and pay for fake antivirus software to remove it. Usually the virus is fictional and the software is non-functional or malware i
voice phishing
form of criminal phone fraud, using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward
romance scam
a confidence trick involving feigning romantic intentions towards a victim, gaining their affection, and then using that goodwill to commit fraud
email spoofing
creating email spam or phishing messages with a forged sender identity or address
rogue security software
form of malicious software and internet fraud that misleads users into believing there is a virus on their computer and aims to convince them to pay for a fake malware removal tool
XZ Utils backdoor
backdoor discovered in 2024
fake news website
website that deliberately publishes hoaxes and disinformation
pretext
A pretext (adjective: pretextual) is an excuse to do something or say something that is not accurate. Pretexts may be based on a half-truth or developed in the context of a misleading fabrication. Pretexts have been used to conceal the true purpose or rationale behind actions and words. They are often heard in political speeches.
WOT Services
Finnish company
self-XSS
Self-XSS (self cross-site scripting) is a type of security vulnerability used to gain control of victims' web accounts. In a Self-XSS attack, the victim of the attack runs malicious code in their own web browser, thus exposing personal information to the attacker.
scam baiting
internet vigilantism tactic
infostealer
In computing, infostealers are a form of malicious software created to breach computer systems to steal sensitive information, such as login details, financial information, and other personally identifiable information. The stolen information is then packaged, sent to the attacker, and often traded on illicit markets to other cybercriminals.
Jim Browning
YouTuber creating videos mainly about scam baiting
voice changer
hardware device or software which changes the pitch or timbre of the user's voice
Lottery scam
fraud pretending to be a lottery
Social Hacking
attempt to manipulate outcomes of social behavior through orchestrated actions
Tabnabbing
Tabnabbing is a computer exploit and phishing attack, which persuades users to submit their login details and passwords to popular websites by impersonating those sites and convincing the user that the site is genuine. The attack's name was coined in early 2010 by Aza Raskin, a security researcher and design expert. The attack takes advantage of user trust and inattention to detail in regard to tabs, and the ability of browsers to navigate across a page's origin in inactive tabs a long time after the page is loaded. Tabnabbing is different from most phishing attacks in that the user no l
man-in-the-browser
Man-in-the-browser (MITB, MitB, MIB, MiB), a form of Internet threat related to man-in-the-middle (MITM), is a proxy Trojan horse that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, all in a covert fashion invisible to both the user and host web application. A MitB attack will be successful irrespective of whether security mechanisms such as SSL/PKI and/or two- or three-factor authentication solutions are in place. A MitB attack may be countered by using out-of-band transaction
website spoofing