Social Engineering Tactics

Welcome to the Social Engineering Tactics repository! This repo. contains ** real-world social engineering tactics** used for manipulation, persuasion, and deception. Stay aware and stay secure!

📌 Categories of Social Engineering

• Psychological Manipulation 🧠
• Building Trust & Rapport 🤝
• Elicitation Techniques 🎯
• Impersonation & Pretexting 🎭
• Persuasion Tactics 🏆
• Digital Social Engineering 🌐
• Physical Social Engineering 🏢
• Advanced Social Engineering 🚨

🧠 Psychological Manipulation Tactics

1. Reciprocity Pressure – "Here’s a free sample, now could you buy something?"
2. Authority Influence – "The CEO asked me to collect this data from you."
3. Social Proof Manipulation – "Everyone else has done it—why not you?"
4. Scarcity Effect – "Only 2 spots left! Hurry!"
5. Commitment & Consistency – "You signed up for a free trial, why not the full plan?"
6. Urgency Triggers – "Act now before it’s too late!"
7. Fear-Based Persuasion – "If you don’t update now, you’ll lose your account."
8. Guilt-Inducing Requests – "I helped you before, can’t you return the favor?"
9. Exploiting Sympathy – "I lost my wallet, can you lend me money?"
10. False Sense of Obligation – "You’re my best friend; I know you’ll help me out."

🤝 Building Trust & Rapport

11. Mirroring & Matching – Copying someone’s gestures to seem relatable.
12. Compliment-Based Influence – "You’re amazing at this! Can you help me?"
13. Artificial Common Interests – "Oh, you love photography too? So do I!"
14. Using Humor to Disarm – Joking before making a request.
15. Strategic Name-Dropping – "John said you’re the best person to ask."
16. Fake Shared Experiences – "I remember you from that event last year!"
17. Using Authority Figures – "Your boss recommended I reach out."
18. Selective Vulnerability – "I’m new here, could you guide me?"
19. Forced Familiarity – Acting as if you already know someone.
20. Using Social Media Info – "I loved your recent post on LinkedIn!"

🎯 Elicitation Techniques

21. Open-Ended Questioning – "How do you handle password resets?"
22. False Confession Baiting – "I already know, but I need confirmation."
23. Strategic Pauses – Staying silent to make the other person talk.
24. Flattery for Disclosure – "You know so much about this, tell me more!"
25. Fake Confidentiality – "Just between us, how does your system work?"
26. Reverse Psychology – "You probably don’t have access to this, right?"
27. Implying False Info – "Your office is on the 3rd floor, right?"
28. Playing Dumb – "I don’t understand, can you explain in detail?"
29. Fake Surveys for Data – "Take our quick security survey for a reward!"
30. Gossiping to Extract Info – "I heard something about a new project… do you know anything?"

🎭 Impersonation & Pretexting

31. Posing as IT Support – "We need your login details to fix an issue."
32. Pretending to Be Lost – "Hey, do you work here? Can you show me around?"
33. Impersonating an Authority – "I’m from corporate security; I need access."
34. Calling as a “New Employee” – "Hey, I’m new. What’s the WiFi password?"
35. Acting as a Delivery Person – "I have a package for the manager—can I drop it off inside?"
36. Fake Job Offers – "We’d like to hire you; just send us your ID and bank details."
37. Acting as a Journalist – "I’m writing an article—can you share internal details?"
38. Fake Emergency Situations – "Your account is compromised! Confirm details now."
39. Pretending to Be an Old Friend – "Hey, remember me from high school?"
40. Fake Customer Complaints – "I need my order details; can you verify my account info?"

🌐 Digital Social Engineering

51. Fake Phishing Emails – "Your password is expiring, reset now!"
52. Social Media Manipulation – Pretending to be someone else online.
53. Fake Online Contests – "Win a prize! Enter your details."
54. Creating False LinkedIn Job Offers – "We have an open position; send us your CV."
55. Fake Friend Requests – Adding someone to gain personal details.

🏢 Physical Social Engineering

61. Tailgating into Secure Locations – Following someone through a door.
62. Dumpster Diving for Data – Looking through trash for useful info.
63. Shoulder Surfing for Passwords – Watching someone type their password.
64. Posing as Maintenance Staff – "I need to fix the WiFi in your office."
65. Using Fake IDs for Entry – Showing a fake badge to enter.

🚨 Advanced Social Engineering

71. Fake Police or Government Calls – "This is the IRS. We need your details."
72. Fake HR Emails – "Update your employee records here."
73. Fake LinkedIn Recruiter Messages – "We have a job opening for you!"
74. Fake Bank Calls – "We detected suspicious activity—verify your info."
75. Fake Social Media Giveaways – "You’ve won! Enter your details here."

🛡️ How to Defend Against Social Engineering

• Always verify identities before sharing information.
• Be skeptical of urgent or emotionally charged requests.
• Use multi-factor authentication (MFA) to protect accounts.
• Limit social media sharing of personal details.
• Train employees & teams on security awareness.