Review and sign transactions from a single secure screen with Ledger Flex™

Discover now

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

Social Engineering Meaning

Nov 8, 2023 | Updated Nov 8, 2023
Social engineering is a deceptive strategy to persuade people to perform certain operations or reveal confidential information.

What is Social Engineering in Crypto?

Social engineering describes a type of cybercrime technique that uses human interaction to gain unauthorized access to personal data or sensitive information. In the crypto context, cybercriminals may use social engineering to gain access to the victim’s cryptocurrency accounts or wallets. Instead of using brute force to get their hands on your digital assets, the malicious actors typically employ techniques that rely on building trust, such as phishing, pretexting, spear phishing, or baiting.  

For example, imagine you receive an email claiming to be from your online banking provider. The source claims that there’s been a security breach and asks you to click a link to change your security code urgently. You’re worried about your funds, so you click the link and provide your login details. Here’s the catch: the email was a fake. The attacker mimicked your online banking provider by altering a few details in the email address, and you just handed over your account details to a cybercriminal. 

This is a classic example of a phishing attack, which is one of the most common social engineering scams.

Social Engineering Scam

The primary goal of social engineering scams is to compromise your account’s security and obtain valuable assets, like cryptocurrencies or personal data.

Social engineering relies on human vulnerabilities, desires,  and emotions, which makes it challenging to detect and prevent. In crypto, the malicious actors target social media accounts  to manipulate other users. In some cases, they may manipulate trusted figures to convince them to invest in and advocate for projects that turn out to be Ponzi schemes or rug pulls. Additionally, malicious actors may also target individual users to gain access to their cryptocurrency wallets or accounts.

What Are the Different Types of Social Engineering Attack Techniques?

Malicious actors employ tactics such as phishing, spear phishing, baiting, scareware, and pretexting to access your crypto. 

  • Phishing: Phishing attacks involve sending deceptive messages, which often impersonate legitimate sources, to trick recipients into revealing sensitive information or login credentials. Crypto users might receive emails claiming to be from their exchange, prompting them to provide account details on a fraudulent website.
  • Spear Phishing: Spear phishing is a highly targeted approach, where attackers customize their messages to specific individuals or organizations within the crypto space. These messages often contain personalized information to appear more convincing.
  • Baiting: Baiting entices victims with promises of rewards or opportunities, only to exploit their curiosity or greed. For instance, cybercriminals might distribute malware-infected files disguised as crypto trading software.
  • Scareware: Scareware capitalizes on fear and urgency by displaying fake security alerts to convince victims to download malicious software or visit harmful websites. Crypto enthusiasts might encounter scareware claiming their wallets have been compromised, which leads to them taking risky actions.
  • Pretexting: Pretexting involves creating a false narrative to gain a victim’s trust. Social engineers may pose as customer support representatives, convincing users to share sensitive data or transfer assets under the guise of addressing an issue.

Shapella Fork

The Shapella fork is the combination of two major Ethereum network upgrades (Shanghai and Capella upgrades) that occurred simultaneously. Together, these upgrades allowed users to withdraw their staked ETH on the network.

Full definition

Difficulty Time Bomb

The Difficulty Time Bomb describes the growing difficulty in mining Ethereum as the network transitions from a Proof of Work to a Proof of Stake blockchain.

Full definition

Mainnet

A Mainnet is a blockchain that is independent, complete, and runs by itself, where all crypto transactions are broadcasted, verified, processed, and recorded on its distributed ledger.

Full definition