SOCIAL ENGINEERING: AN INFORMATION SECURITY THREAT IN ENTERPRISES

Abstract

Today, information and communication technologies (ICTs) have become very important tools in business processes. However, especially with the widespread use of the Internet, security threats have also increased, such as customer information and business secrets fraud, changing the digital data easily, data theft, viruses and hackers etc. Furthermore, in many sectors if ICTs do not work a certain amount of time for various reasons, this failure can lead to large losses for the companies. ICTs and information systems in today are faced with many security threats. Whereas some of these security threats are related to technical issues such as software and hardware, human factor is considered as one of the most important security threats. Business employees are accepted as a source of many information security threats. One of these threats is social engineering. This study discusses social engineering as an information security threat in enterprises. Social engineering situations faced by enterprises and measures taken against them are discussed.