Human hacking is a type of social engineering, the psychological manipulation of people into performing actions or divulging confidential information. It is often one of many steps in a more complex fraud scheme. It has also been defined as “any act that influences a person to take an action that may or may not be in their best interests.”
An example of social engineering is the use of the “forgot password” function found on most websites that require a login. An improperly secured password-recovery system can be used to grant a malicious attacker full access to a user’s account, while the original user loses access to it.
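One way a password-recovery flow can be secured against this, as an added example that is not part of the original page: the reset token is random, stored only as a hash, short-lived, single-use, and the response is the same whether or not the account exists. The `ResetStore` class, the 15-minute lifetime and the sample addresses are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL_SECONDS = 15 * 60  # assumed lifetime; set per your own policy


class ResetStore:
    """In-memory stand-in for the account database (constructed for this example)."""

    def __init__(self, known_emails):
        self.known = set(known_emails)
        self.pending = {}  # email -> (sha256 hex of token, expiry timestamp)

    def request_reset(self, email, now=None):
        """Return (message, token). The token goes only to the mailbox on file."""
        now = time.time() if now is None else now
        token = None
        if email in self.known:
            token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
            digest = hashlib.sha256(token.encode()).hexdigest()
            # Store only the hash, so a leaked table holds no usable tokens.
            # A new request overwrites (invalidates) any earlier token.
            self.pending[email] = (digest, now + TOKEN_TTL_SECONDS)
        # Same message whether or not the account exists (no enumeration).
        return "If that address is registered, a reset link has been sent.", token

    def redeem(self, email, token, now=None):
        """Return True once for a valid, unexpired token; False otherwise."""
        now = time.time() if now is None else now
        entry = self.pending.get(email)
        if entry is None:
            return False
        digest, expiry = entry
        supplied = hashlib.sha256(token.encode()).hexdigest()
        if not hmac.compare_digest(digest, supplied):  # constant-time compare
            return False
        del self.pending[email]  # single use; an expired token is purged too
        return now <= expiry
```

A production flow would also rate-limit requests and notify the account owner whenever a reset is requested or completed.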
The following video (from Mandiant’s Cyber Defense Summit 2021) explains the concepts and techniques of human hacking in detail.