Not all cyberattacks rely on technical weaknesses. In IB Computer Science, students must understand that many successful attacks target people rather than systems. These attacks are known as social engineering attacks. IB examiners expect students to explain what social engineering is, why it works, and how it bypasses technical security measures.
Understanding social engineering is essential because even secure systems can be compromised through human error.
What Is Social Engineering?
Social engineering is a type of attack that:
- Manipulates people
- Exploits trust, fear, or urgency
- Tricks users into revealing information or performing actions
Instead of breaking security systems, attackers persuade users to:
- Share passwords
- Click malicious links
- Install harmful software
- Grant unauthorised access
In IB terms, social engineering exploits human vulnerability, not technical flaws.
Why Social Engineering Is Effective
Social engineering works because:
- Humans trust authority
- People act quickly under pressure
- Users may lack security awareness
Attackers often:
- Pretend to be legitimate organisations
- Create urgent or threatening situations
- Exploit curiosity or fear
IB students should explain that technical security cannot fully protect against deception.
