
#21 Social Engineering: Human Factor for Cyber Security

Role of Human behaviour in Cybercrime.


In August, India released National Crime Records Bureau (NCRB) data illustrating the alarming increase in cybercrime. Most notably, India recorded 52,974 incidents of cybercrime in 2021, up from 50,035 cases in 2020 and up more than 15% from 2019 (44,735 cases).

India is among the top five countries in terms of victims of cybercrime, according to the recently released Internet Crime Report by the FBI. Moreover, a study reveals that 48% of people will exchange their password for a chocolate. Such trends highlight the need for greater education on the risks associated with cybercrime as well as effective protection strategies.

NCRB data also indicates perpetrators' motivations, with online fraud accounting for the majority of recorded offenses. This raises an important question: how prepared are we to fend off cyberattacks?

Cybercriminals are constantly developing new methods of carrying out social engineering attacks to gain access to their victims' accounts and data. Social engineering typically involves tricking unsuspecting victims into acting by providing them with convincing information via phone calls, email, or even social media platforms. An example of a social engineering attack would be an email requesting the user to update their username and password for an account they own. If the email looks authentic and seems legitimate, the user would update their account without realizing they were being duped by a scammer.

The bad news is that cybercrime will never go away. The good news is that you can protect yourself from these threats by using simple techniques like keeping your password safe, changing your password regularly, and never providing your personal information or login information to unknown sources via email.

Why do people fall for social engineering attacks?

Research suggests that humans are often the weakest link when it comes to protecting against cyber-attacks.

Cybercriminals exploit limitations in a user's cognitive processing to achieve successful attacks. In addition, social engineering attacks rely on human weaknesses such as credulity, greed, ignorance, curiosity, carelessness, and helpfulness. However, focusing simply on human vulnerabilities falls short of explaining how social engineering assaults work. Numerous academics use Cialdini's six principles of influence and persuasion—reciprocity, commitment and consistency, social evidence, liking, authority, and scarcity—to explain the effectiveness of social engineering assaults.

Most social engineering attacks can be carried out using relatively simple methods that require no technical knowledge. There are many different types of social engineering attacks, and they often take advantage of a person's trust or naivete to fool them into performing an action that could have devastating consequences, such as opening a malicious attachment or giving hackers access to their system. To help prevent these types of attacks from occurring, you need to be aware of the different tactics that cybercriminals use to gain access to your information.

Such social engineering tactics are often successful because they exploit human vulnerabilities, including cognitive limitations. Therefore, it is important to take a more holistic approach when designing security systems against social engineering attacks. By incorporating insights from psychology, it is possible to better understand why people are susceptible to these attacks and develop more robust solutions against them.

