Cyber threat actors and their techniques have evolved, but most attacks still contain elements of social engineering. Without complex tools, software or extensive knowledge about the security platform, social engineering is an effective, non-technical strategy used by cyber criminals. It relies primarily on human interaction to gain trust and manipulates people into breaking standard security practices.
Common social engineering techniques used to target users include phishing and pretexting.
This is one of the topics highlighted in the report: Advancing Cyber Risk Management: From Security to Resilience, a new report from Marsh & McLennan Insights developed in partnership with Mandiant, a FireEye company.