The team at CYFIRMA has analyzed and researched social engineering attacks in depth. The research paper reports techniques used by various threat actors to initiate the first stage of a deadly cyber-attack. The paper discusses the psychological role, and how it becomes an important part of the social engineering attack. Further, we discuss a few social engineering attacks which led to successful compromises. This paper will expose the mindset that drives threat actors to plan and execute social engineering attacks on various occasions.

CYFIRMA will break down each part of social engineering attacks from the attacker’s perspective as part of this research. We will discuss and study the attacker’s approach to social engineering attacks as per long and short-term goals. This should help users to gain clear awareness of social engineering attacks that are planned by the threat actors behind closed doors. All the bigger and smaller cyber-attacks are led by social engineering. Plucking the first step of a cyber-attack from the root level would help cyberspace to be more secure. This paper will have a detection section to help the cyber community identify potential attacks before they could even start.

Social engineering attacks psychologically manipulate the human mind and make them do what they are not supposed to do within its full active sense. Social engineering happens in our day-to-day lives. One can use social engineering within their friend’s circle to make things work out in their favour, during street shopping one can use social engineering to bargain the price of a product or as a student, try to convince a teacher after failing to complete his homework on time. In information security, social engineering has a different meaning. In cyber security, social engineering is considered a cyber-attack.
Social engineering is the most used cyber-attack by threat actors in current times. Ransomware groups, Advance persistence teams, scammers, and other threat actors use social engineering before conducting advanced technical attacks. The bigger the target, the more sophisticated the art of deception can get on the cyber playground. The success of cyber-attacks depends upon the social engineering manoeuvre of threat actors. As the internet and its users grow across the world, cyber security firms have also captured massive coverage to spread awareness among common users, government entities, and private organizations about potential cyber-attacks. Though their target could be anyone depending on their interest, for a successful attack, attackers must indirectly fight with cyber security firms who frequently dismantle the latter’s tactics and techniques by releasing cyber security updates. With the help of these updates on the internet, users have evolved to intercept common social engineering attacks they face or potentially might face. However, threat actors have not given up on their vicious intention to accomplish their aim. They are frequently creating and inventing new social engineering attacks to exploit unintended loose ends of the human brain. They constantly change their social engineering attacks by leveraging geopolitical events, religious issues, war, social issues, data leaks, pandemics, etc. Social engineering attacks are always there in the arsenal of threat actors to make victims fall into their malicious cyber trap. It is extensively used for pushing the victims to interact with malicious files or malicious uniformed resource locator [URL] and to fetch critical information by engaging with the victim via e-mail, chatting, or phone call. Social engineering attack plays a more important role when threat actors are not technically or resourcefully advanced.