Social research



In general, social engineering methods generally take place according to the following scheme:

An approach phase allowing the user to be put in trust, pretending to be a person of his hierarchy, the company, his entourage or for a customer, a supplier, etc.
An alert system, in order to destabilize him and ensure the speed of his reaction. This could be a security pretext or an emergency

an unfair form of acquisition of information and fraud, used in the calculation to obtain from others a key good, service or information. This practice exploits the human and social defects of the destination structure, to which the targeted computer system is linked. Using his knowledge, charisma, imposture or cheek, the aggressor misuses the confidence, ignorance or credulity of those who possess what he is trying to accomplish.

A diversion, i. e. a sentence or situation that reassures the user and avoids focusing on the alert. For example, it may be a thank-you letter announcing that everything is in order, a simple sentence or, in the case of an e-mail or website, a redirection to the company’s website.