New: Wallet recovery made easy with Ledger Recover, provided by Coincover

Get started

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

Social Engineering Meaning

Nov 8, 2023 | Updated Nov 8, 2023
Social engineering is a deceptive strategy to persuade people to perform certain operations or reveal confidential information.

What is Social Engineering in Crypto?

Social engineering describes a type of cybercrime technique that uses human interaction to gain unauthorized access to personal data or sensitive information. In the crypto context, cybercriminals may use social engineering to gain access to the victim’s cryptocurrency accounts or wallets. Instead of using brute force to get their hands on your digital assets, the malicious actors typically employ techniques that rely on building trust, such as phishing, pretexting, spear phishing, or baiting.  

For example, imagine you receive an email claiming to be from your online banking provider. The source claims that there’s been a security breach and asks you to click a link to change your security code urgently. You’re worried about your funds, so you click the link and provide your login details. Here’s the catch: the email was a fake. The attacker mimicked your online banking provider by altering a few details in the email address, and you just handed over your account details to a cybercriminal. 

This is a classic example of a phishing attack, which is one of the most common social engineering scams.

Social Engineering Scam

The primary goal of social engineering scams is to compromise your account’s security and obtain valuable assets, like cryptocurrencies or personal data.

Social engineering relies on human vulnerabilities, desires,  and emotions, which makes it challenging to detect and prevent. In crypto, the malicious actors target social media accounts  to manipulate other users. In some cases, they may manipulate trusted figures to convince them to invest in and advocate for projects that turn out to be Ponzi schemes or rug pulls. Additionally, malicious actors may also target individual users to gain access to their cryptocurrency wallets or accounts.

What Are the Different Types of Social Engineering Attack Techniques?

Malicious actors employ tactics such as phishing, spear phishing, baiting, scareware, and pretexting to access your crypto. 

  • Phishing: Phishing attacks involve sending deceptive messages, which often impersonate legitimate sources, to trick recipients into revealing sensitive information or login credentials. Crypto users might receive emails claiming to be from their exchange, prompting them to provide account details on a fraudulent website.
  • Spear Phishing: Spear phishing is a highly targeted approach, where attackers customize their messages to specific individuals or organizations within the crypto space. These messages often contain personalized information to appear more convincing.
  • Baiting: Baiting entices victims with promises of rewards or opportunities, only to exploit their curiosity or greed. For instance, cybercriminals might distribute malware-infected files disguised as crypto trading software.
  • Scareware: Scareware capitalizes on fear and urgency by displaying fake security alerts to convince victims to download malicious software or visit harmful websites. Crypto enthusiasts might encounter scareware claiming their wallets have been compromised, which leads to them taking risky actions.
  • Pretexting: Pretexting involves creating a false narrative to gain a victim’s trust. Social engineers may pose as customer support representatives, convincing users to share sensitive data or transfer assets under the guise of addressing an issue.

FUD

FUD is an acronym for “Fear, uncertainty, and doubt” which refers to the spread of false or negative information about a cryptocurrency or the market to create fear and doubt among investors.

Full definition

ERC-1155

The ERC-1155 is a multi-token standard that allows for the creation of both fungible and non-fungible tokens within a single smart contract.

Full definition

Testnet

A testnet is like a practice version of the main blockchain network. It lets developers test new ideas and features without affecting the main network.

Full definition