Episode 113: Social Engineering — Phishing, Impersonation, Tailgating

Not all threats are technical—some are psychological. This episode focuses on social engineering attacks, which trick users into revealing information or granting access through manipulation rather than code. We start with phishing, covering both traditional email attacks and newer variants like spear phishing and smishing. You’ll learn what signs to look for and how users can be trained to respond appropriately.

We then explore impersonation, where attackers pose as trusted figures like IT staff or executives to gain access or install malware, and tailgating, which involves physically following someone into a restricted area. These techniques are often the first step in a broader attack and are frequently included in exam scenarios involving user behavior or access violations. Brought to you by BareMetalCyber.com.