{"id":41253,"date":"2015-02-18T22:00:19","date_gmt":"2015-02-19T06:00:19","guid":{"rendered":"https:\/\/blogs.mcafee.com\/?p=41253"},"modified":"2025-08-15T09:20:44","modified_gmt":"2025-08-15T16:20:44","slug":"hacking-human-os-report-social-engineering","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/","title":{"rendered":"Hacking the Human OS: A Report on Social Engineering"},"content":{"rendered":"<p>Why are data breaches so commonplace?\u00a0 Whether the attacks are against the energy sector as reported July 2014<a href=\"#_edn1\" name=\"_ednref1\">[i]<\/a> with over 1,000 energy companies in North America and Europe reported to have been compromised.\u00a0 To other attacks targeting other sectors (e.g. Operation Troy, Operation High Roller Nightdragon, etc.) it would appear that no sector is immune from data breaches. One common theme amongst these and other attacks is the initial infection vector, namely exploiting the subconscious of a trusted employee. The modus operandi for most of the common data breaches is to leverage some form of social engineering to coerce the user into an action facilitating malware infection.<\/p>\n<h2>The Prevalence of Social Engineering<\/h2>\n<p>The prevalence of social engineering in many publicly disclosed cyber-attacks demonstrates either an inherent weakness in the acumen of victims to distinguish malicious communications, or that cybercriminals are using more complex methods to bypass the \u2018human firewall\u2019.\u00a0 The answer of course likely lies somewhere in between these two statements, but regardless of the root case it does demonstrate that the first line of defense is evidently failing.\u00a0 The default position to blame users as the cause for breaches which is not entirely fair.\u00a0 Whilst there will be examples where clearly unsafe practices are being employed, our latest whitepaper \u201cHacking the Human Operating System\u201d demonstrates the techniques used by attackers are to bypass the consciousness of their targets and attempt to manipulate victims through leveraging subconscious levers of influence.<\/p>\n<p>The paper reviews the concept of social engineering; the techniques used within many of the recent cyber-attacks, levers used to influence victims, communication channels used, and suggested controls to reduce the risk.. \u00a0\u00a0Much has been written about social engineering.\u00a0 The content of these sources vary widely, from definitions, to mitigation.\u00a0 The purpose of the paper is to define the concepts, and introduce mitigations that go beyond simply suggesting that awareness is a panacea.<\/p>\n<p>Unless we address the first line of defense, data breaches will continue to hog our Twitter timelines, and support the ever burgeoning cost of cybercrime.<\/p>\n<p>Twitter@Raj_Samani<\/p>\n<p>Twitter @McAfee_Labs<\/p>\n<p><a href=\"#_ednref1\" name=\"_edn1\">[i]<\/a> http:\/\/www.bbc.co.uk\/news\/technology-28106478<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Why are data breaches so commonplace?\u00a0 Whether the attacks are against the energy sector as reported July 2014[i] with over&#8230;<\/p>\n","protected":false},"author":460,"featured_media":154516,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[10661,13],"tags":[1814,3923,4141,18,4287],"coauthors":[1359],"class_list":["post-41253","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-internet-security","category-privacy-identity-protection","tag-computer-security","tag-email-and-web-security","tag-mcafee-labs-report","tag-network-security","tag-social-engineering"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Hacking the Human OS: A Report on Social Engineering | McAfee Blog<\/title>\n<meta name=\"description\" content=\"Why are data breaches so commonplace?\u00a0 Whether the attacks are against the energy sector as reported July 2014 with over 1,000 energy companies in North\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hacking the Human OS: A Report on Social Engineering | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"Why are data breaches so commonplace?\u00a0 Whether the attacks are against the energy sector as reported July 2014 with over 1,000 energy companies in North\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2015-02-19T06:00:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-08-15T16:20:44+00:00\" \/>\n<meta name=\"author\" content=\"Raj Samani\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@raj_samani\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Raj Samani\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/\"},\"author\":{\"name\":\"Raj Samani\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/c599d4c6fbfe639ab3c623dbab743efc\"},\"headline\":\"Hacking the Human OS: A Report on Social Engineering\",\"datePublished\":\"2015-02-19T06:00:19+00:00\",\"dateModified\":\"2025-08-15T16:20:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/\"},\"wordCount\":361,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2022\/06\/614x300_Blog_socialengineering.png\",\"keywords\":[\"computer security\",\"email and web security\",\"McAfee Labs Report\",\"network security\",\"social engineering\"],\"articleSection\":[\"Internet Security\",\"Privacy &amp; Identity Protection\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/\",\"name\":\"Hacking the Human OS: A Report on Social Engineering | McAfee Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2022\/06\/614x300_Blog_socialengineering.png\",\"datePublished\":\"2015-02-19T06:00:19+00:00\",\"dateModified\":\"2025-08-15T16:20:44+00:00\",\"description\":\"Why are data breaches so commonplace?\u00a0 Whether the attacks are against the energy sector as reported July 2014 with over 1,000 energy companies in North\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#primaryimage\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2022\/06\/614x300_Blog_socialengineering.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2022\/06\/614x300_Blog_socialengineering.png\",\"width\":614,\"height\":300},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Internet Security\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/internet-security\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hacking the Human OS: A Report on Social Engineering\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/c599d4c6fbfe639ab3c623dbab743efc\",\"name\":\"Raj Samani\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/84322977b2e4d74026259dbee600b443\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/08\/Picture1-1-96x96.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/08\/Picture1-1-96x96.png\",\"caption\":\"Raj Samani\"},\"description\":\"Raj Samani is Chief Scientist and Fellow for the Enterprise business. He has assisted multiple law enforcement agencies in cybercrime cases and is a special advisor to the European Cybercrime Centre in The Hague. Samani has been recognized for his contribution to the computer security industry through numerous awards, including the Infosecurity Europe hall of Fame, Peter Szor award, and Intel Achievement Award, among others. He is the co-author of the book \\\"Applied Cyber Security and the Smart Grid\\\" and the \\\"CSA Guide to Cloud Computing,\\\" as well as technical editor for numerous other publications.\",\"sameAs\":[\"http:\/\/www.mcafee.com\/\",\"https:\/\/www.linkedin.com\/in\/raj-samani-3697b9\/\",\"https:\/\/x.com\/raj_samani\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/raj-samani\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hacking the Human OS: A Report on Social Engineering | McAfee Blog","description":"Why are data breaches so commonplace?\u00a0 Whether the attacks are against the energy sector as reported July 2014 with over 1,000 energy companies in North","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Hacking the Human OS: A Report on Social Engineering | McAfee Blog","og_description":"Why are data breaches so commonplace?\u00a0 Whether the attacks are against the energy sector as reported July 2014 with over 1,000 energy companies in North","og_url":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2015-02-19T06:00:19+00:00","article_modified_time":"2025-08-15T16:20:44+00:00","author":"Raj Samani","twitter_card":"summary_large_image","twitter_creator":"@raj_samani","twitter_site":"@McAfee","twitter_misc":{"Written by":"Raj Samani","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/"},"author":{"name":"Raj Samani","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/c599d4c6fbfe639ab3c623dbab743efc"},"headline":"Hacking the Human OS: A Report on Social Engineering","datePublished":"2015-02-19T06:00:19+00:00","dateModified":"2025-08-15T16:20:44+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/"},"wordCount":361,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2022\/06\/614x300_Blog_socialengineering.png","keywords":["computer security","email and web security","McAfee Labs Report","network security","social engineering"],"articleSection":["Internet Security","Privacy &amp; Identity Protection"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/","url":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/","name":"Hacking the Human OS: A Report on Social Engineering | McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#primaryimage"},"thumbnailUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2022\/06\/614x300_Blog_socialengineering.png","datePublished":"2015-02-19T06:00:19+00:00","dateModified":"2025-08-15T16:20:44+00:00","description":"Why are data breaches so commonplace?\u00a0 Whether the attacks are against the energy sector as reported July 2014 with over 1,000 energy companies in North","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#primaryimage","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2022\/06\/614x300_Blog_socialengineering.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2022\/06\/614x300_Blog_socialengineering.png","width":614,"height":300},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/internet-security\/hacking-human-os-report-social-engineering\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Internet Security","item":"https:\/\/www.mcafee.com\/blogs\/internet-security\/"},{"@type":"ListItem","position":3,"name":"Hacking the Human OS: A Report on Social Engineering"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/c599d4c6fbfe639ab3c623dbab743efc","name":"Raj Samani","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/84322977b2e4d74026259dbee600b443","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/08\/Picture1-1-96x96.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/08\/Picture1-1-96x96.png","caption":"Raj Samani"},"description":"Raj Samani is Chief Scientist and Fellow for the Enterprise business. He has assisted multiple law enforcement agencies in cybercrime cases and is a special advisor to the European Cybercrime Centre in The Hague. Samani has been recognized for his contribution to the computer security industry through numerous awards, including the Infosecurity Europe hall of Fame, Peter Szor award, and Intel Achievement Award, among others. He is the co-author of the book \"Applied Cyber Security and the Smart Grid\" and the \"CSA Guide to Cloud Computing,\" as well as technical editor for numerous other publications.","sameAs":["http:\/\/www.mcafee.com\/","https:\/\/www.linkedin.com\/in\/raj-samani-3697b9\/","https:\/\/x.com\/raj_samani"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/raj-samani\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/41253","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/460"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=41253"}],"version-history":[{"count":3,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/41253\/revisions"}],"predecessor-version":[{"id":220016,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/41253\/revisions\/220016"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media\/154516"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=41253"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=41253"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=41253"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=41253"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}