U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

social engineering

Definition(s):

  An attempt to trick someone into revealing information (e.g., a password) that can be used to attack systems or networks.
Source(s):
CNSSI 4009-2015 from NIST SP 800-61 Rev. 2
NIST SP 800-61 Rev. 2 under Social Engineering
NIST SP 800-82 Rev. 2 under Social Engineering from NIST SP 800-61

  The process of attempting to trick someone into revealing information (e.g., a password).
Source(s):
NIST SP 800-115 under Social Engineering

  The act of deceiving an individual into revealing sensitive information, obtaining unauthorized access, or committing fraud by associating with the individual to gain confidence and trust.
Source(s):
NIST SP 1800-21B under Social Engineering from NIST SP 800-63-3
NIST SP 800-63-3 under Social Engineering

  A general term for attackers trying to trick people into revealing sensitive information or performing certain actions, such as downloading and executing files that appear to be benign but are actually malicious.
Source(s):
NIST SP 800-114 [Superseded] under Social Engineering

  The act of deceiving an individual into revealing sensitive information by associating with the individual to gain confidence and trust.
Source(s):
NIST SP 800-63-2 [Superseded] under Social Engineering