Page 1 of 6

Page 2 of 6

When a person tricks someone else to give up

sensitive information, spread malware, or gain access to an account or

area through email, phone, or in-person

Personal Data Sensitive Data

-Home Address -Gender/Sexual Orientation

-Name/Surname -Race or Ethnicity

-Phone# -Religious Beliefs

-Email/address -Genetic Datat

Page 3 of 6

•Cyber security: The practice of protecting computers, systems, networks, and data from digital threats.

•Malware: Malicious software meant to take data and/or harm computers and networks.

•Personal data: Information that is used to identify a person, such as a name, surname, address, telephone number, or email

address.

•Phishing: An email attack where threat actors try to trick a person into clicking on a link or attachment in an email with the

goal of spreading malware or gaining access to a person’s account or private information.

•Pretexting: Where a threat actor creates a story to convince you to trust them.

•Security awareness training: Educating or teaching others on how to protect devices, computer systems, and data from cyber

threats.

•Security measures: Tools, technologies and/or people that are used to protect or mitigate against a threat.

•Sensitive data: Information that must be kept safe and away from others to avoid it being used in harmful ways, unless we

give others permission to access or use it.

•Smishing: Tricking a person via a text message.

•Social engineering: When a person tricks someone else to give up sensitive information, spread malware, or gain access to

an account or area through email, phone, or in-person.

•Tailgating: Where a threat actor follows someone into a restricted area.

•Threat actor: A person or group of people whose goal is to harm others in some way in the digital or cyber world.

•Vishing: Tricking a person via a phone call.

Page 4 of 6

Page 5 of 6

Page 6 of 6

Different Types of Social Engineering

The first is Phishing, or tricking a person via a harmful

email. Next is Pretexting, this is where a threat actor creates a

story to convince you to trust them. Next up is Tailgating, where

a threat actor follows someone into a restricted area. Next is

Vishing, or tricking a person via a phone call. And finally,

Smishing, or tricking a person via a text message.

Sometimes it’s easier to trick people into giving up information

than it is to find a weakness in a computer or network.