2025 Foundational Application of Social Engineering

Share This Post

sheldon-cooper

Many people probably don’t think about the concept of obligation being an aspect of influence. However, what is obligation? Typically, it’s a feeling based on norms, morals, even manners, and the roles we play in life. These feelings will often spur action. If we accidentally bump into someone, we feel we should apologize as a polite member of society. Or, as a spouse or parent, we will (hopefully) feel compelled to look after our family members.

How is this relevant to social engineers?

We regularly see obligation used as an instrument of influence. Think about how connections are made in social media. Receiving an invitation to “friend” someone or connect professionally usually creates a need to respond, and social media sites use this to rapidly grow their networks. Or, how often have you accepted a flier from someone just because it was offered to you? Most people feel like it’s rude not to accept. It’s the nature of humans as social beings, as well as how we’ve been taught to behave.

How is obligation exploited?

A recent and heinous example of obligation exploitation is the grandparent scam. Conmen posing as the grandchildren of seniors have scammed them out of millions of dollars, relying in part on their feelings of obligation as grandparents. “You don’t want any harm to your grandchild” as one man reported.

Understanding just how strong feelings of obligation can be and how they affect decision making is a critical skill for social engineers. We talk about this and the other aspects of influence in our 4-Day Advanced Practical Social Engineering training.

More To Explore

Soft Skills for Cybersecurity Professionals
General

Soft Skills for Cybersecurity Professionals

As cyber threats continue to increase, so does the need for cyber security professionals. Some of the skills needed to succeed in the field of cyber security are programming skills,

Social Engineering

Keeping it Simple in Cybersecurity 

Today, the cybersecurity industry focuses a lot more on complicated solutions and tools. Companies are always looking to improve their security measures with the latest technologies. However, attackers often choose