Social Engineering: Application of Psychology to Information Security

Psychology and computer science are two scientific disciplines that focus on identifying the specific characteristics of information processing. The first analyzes human behavior, while the latter focuses on the construction of a technical tool that seeks to emulate the brain: the computer. Therefore, psychology is strongly tied to the moment people choose their passwords. Deceptive advertising often compensates through money, free products, services or other self-esteem tests to influence a product or service to appear on your social network, in order to increase their consumption among its followers and to take personal information without your consent. Security is subjective, and each individual will perceive security differently, since each person has different weaknesses. Subjectivity should not be the one who meditates to manage his own measures of protection against the Social Engineering, which refers to psychological manipulation of people into performing actions or divulging confidential information. This project is also based on the need to prevent attacks of information subtraction by obtaining and decrypting the keys of access, or in the worst case, obtaining passwords directly to the different services, bank accounts, credit cards of individuals, based on the information that a people exposed or share on their social networks. Additionally, it focuses on how attackers could obtain or decipher their passwords based on personal information obtained from such advertisements; providing a better vision of how hackers use the psychology applied to information security.