[](https://www.paloaltonetworks.com/?ts=markdown) * Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/?ts=markdown) * Products ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * Solutions ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions Secure AI by Design * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) Network Security * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown) * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown) * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown) * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown) * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown) * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown) * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown) * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown) * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) Cloud Security * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown) * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown) * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown) * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown) * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown) * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown) * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown) * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown) * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown) Security Operations * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown) * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown) * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown) * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown) * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown) * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown) * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown) * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown) * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown) * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown) * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown) Endpoint Security * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown) * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown) * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown) [Industries](https://www.paloaltonetworks.com/industry?ts=markdown) * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown) * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown) * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown) * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown) * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown) * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown) * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown) * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners NextWave Partners * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown) * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown) * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown) * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown) * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown) * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown) * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown) * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown) Take Action * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown) * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown) * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner) * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess) * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator) [CYBERFORCE CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise. Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown) * Company ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company Palo Alto Networks * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com) * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Military \& Veterans](https://jobs.paloaltonetworks.com/military) [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown) * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown) * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown) * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown) * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown) * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown) Careers * [Overview](https://jobs.paloaltonetworks.com/) * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/) [A Newsweek Most Loved Workplace "Businesses that do right by their employees" Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown) * More ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More Resources * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Tech Insider](https://techinsider.paloaltonetworks.com/) * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/) * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/) * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown) * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown) * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown) * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/) * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown) Connect * [LIVE community](https://live.paloaltonetworks.com/) * [Events](https://events.paloaltonetworks.com/) * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown) * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown) * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) [Blog Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity Learn more](https://www.paloaltonetworks.com/blog/) * Sign In ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In * Customer * Partner * Employee * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown) * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown) * EN ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language * [USA (ENGLISH)](https://www.paloaltonetworks.com) * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au) * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br) * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca) * [CHINA (简体中文)](https://www.paloaltonetworks.cn) * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr) * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de) * [INDIA (ENGLISH)](https://www.paloaltonetworks.in) * [ITALY (ITALIANO)](https://www.paloaltonetworks.it) * [JAPAN (日本語)](https://www.paloaltonetworks.jp) * [KOREA (한국어)](https://www.paloaltonetworks.co.kr) * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat) * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx) * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg) * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es) * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw) * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [What's New](https://www.paloaltonetworks.com/resources?ts=markdown) * [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount) * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) * [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search) Close search modal [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com) [](https://www.paloaltonetworks.com/?ts=markdown) 1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) 2. [Threats](https://www.paloaltonetworks.com/cyberpedia/threat?ts=markdown) 3. [Cyber Attack](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack?ts=markdown) 4. [What is Social Engineering?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering?ts=markdown) Table of Contents * [What Is a Cyber Attack?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack?ts=markdown) * [Threat Overview: Cyber Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#threat?ts=markdown) * [Cyber Attack Types at a Glance](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#cyber?ts=markdown) * [Global Cyber Attack Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#global?ts=markdown) * [Cyber Attack Taxonomy](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#taxonomy?ts=markdown) * [Threat-Actor Landscape](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#landscape?ts=markdown) * [Attack Lifecycle and Methodologies](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#methodologies?ts=markdown) * [Technical Deep Dives](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#technical?ts=markdown) * [Cyber Attack Case Studies](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#studies?ts=markdown) * [Tools, Platforms, and Infrastructure](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#tools?ts=markdown) * [The Effect of Cyber Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#effect?ts=markdown) * [Detection, Response, and Intelligence](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#detection?ts=markdown) * [Emerging Cyber Attack Trends](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#trends?ts=markdown) * [Testing and Validation](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#testing?ts=markdown) * [Metrics and Continuous Improvement](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#metrics?ts=markdown) * [Cyber Attack FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-cyber-attack#faqs?ts=markdown) * [What Is a Zero-Day Attack? Risks, Examples, and Prevention](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention?ts=markdown) * [Zero-Day Attacks Explained](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#explained?ts=markdown) * [Zero-Day Vulnerability vs. Zero-Day Attack vs. CVE](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#vs?ts=markdown) * [How Zero-Day Exploits Work](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#how?ts=markdown) * [Common Zero-Day Attack Vectors](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#common?ts=markdown) * [Why Zero-Day Attacks Are So Effective and Their Consequences](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#why?ts=markdown) * [How to Prevent and Mitigate Zero-Day Attacks](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#prevent?ts=markdown) * [The Role of AI in Zero-Day Defense](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#role?ts=markdown) * [Real-World Examples of Zero-Day Attacks](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#examples?ts=markdown) * [Zero-Day Attacks FAQs](https://www.paloaltonetworks.com/cyberpedia/zero-day-attacks-explained-risks-examples-prevention#faqs?ts=markdown) * [What Is Lateral Movement?](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement?ts=markdown) * [Why Attackers Use Lateral Movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#why?ts=markdown) * [How Do Lateral Movement Attacks Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#how?ts=markdown) * [Stages of a Lateral Movement Attack](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#stages?ts=markdown) * [Techniques Used in Lateral Movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#technicques?ts=markdown) * [Detection Strategies for Lateral Movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#detection?ts=markdown) * [Tools to Prevent Lateral Movement](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#tools?ts=markdown) * [Best Practices for Defense](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#best?ts=markdown) * [Recent Trends in Lateral Movement Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#recent?ts=markdown) * [Industry-Specific Challenges](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#industry?ts=markdown) * [Compliance and Regulatory Requirements](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#compliance?ts=markdown) * [Financial Impact and ROI Considerations](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#financial?ts=markdown) * [Common Mistakes to Avoid](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#common?ts=markdown) * [Lateral Movement FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-lateral-movement#faqs?ts=markdown) * [What is a Botnet?](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet?ts=markdown) * [How Botnets Work](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#how?ts=markdown) * [Why are Botnets Created?](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#why?ts=markdown) * [What are Botnets Used For?](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#what?ts=markdown) * [Types of Botnets](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#types?ts=markdown) * [Signs Your Device May Be in a Botnet](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#signs?ts=markdown) * [How to Protect Against Botnets](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#protect?ts=markdown) * [Why Botnets Lead to Long-Term Intrusions](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#intrusions?ts=markdown) * [How To Disable a Botnet](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#disable?ts=markdown) * [Tools and Techniques for Botnet Defense](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#tools?ts=markdown) * [Real-World Examples of Botnets](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#examples?ts=markdown) * [Botnet FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-botnet#faqs?ts=markdown) * [What is a Payload-Based Signature?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-payload-based-signature?ts=markdown) * [Importance of Payload-Based Signatures](https://www.paloaltonetworks.com/cyberpedia/what-is-a-payload-based-signature#important?ts=markdown) * [How Payload-Based Signatures Work](https://www.paloaltonetworks.com/cyberpedia/what-is-a-payload-based-signature#how?ts=markdown) * [Advantages of Payload-Based Signatures](https://www.paloaltonetworks.com/cyberpedia/what-is-a-payload-based-signature#advantages?ts=markdown) * [Use Cases of Payload-Based Signatures in Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-a-payload-based-signature#usecases?ts=markdown) * [Payload-Based Signatures FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-payload-based-signature#faqs?ts=markdown) * [Dark Web Leak Sites: Key Insights for Security Decision Makers](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site?ts=markdown) * [Dark Web Leak Sites Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site#dark?ts=markdown) * [Evolving Extortion Tactics](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site#tactics?ts=markdown) * [The Role of Leak Sites in Ransomware Double Extortion](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site#role?ts=markdown) * [Critical Risks Exposed by Data Leak Sites](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site#critical?ts=markdown) * [Anatomy of a Dark Web Leak Site](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site#anatomy?ts=markdown) * [Proactive Defense: How Organizations Can Mitigate Dark Web Leaks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site#proactive?ts=markdown) * [Dark Web Leak Site FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site#faqs?ts=markdown) * [What to Do If Your Organization Appears on a Dark Web Leak Site](https://www.paloaltonetworks.com/cyberpedia/what-is-a-dark-web-leak-site#appears?ts=markdown) * [What is Spyware?](https://www.paloaltonetworks.com/cyberpedia/what-is-spyware?ts=markdown) * [Cybercrime: The Underground Economy](https://www.paloaltonetworks.com/cyberpedia/cybercrime-the-underground-economy?ts=markdown) * [Products](https://www.paloaltonetworks.com/cyberpedia/cybercrime-the-underground-economy#products?ts=markdown) * [Services](https://www.paloaltonetworks.com/cyberpedia/cybercrime-the-underground-economy#services?ts=markdown) * [Cybercrime FAQs](https://www.paloaltonetworks.com/cyberpedia/cybercrime-the-underground-economy#faqs?ts=markdown) * [What Is Cross-Site Scripting (XSS)?](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting?ts=markdown) * [XSS Explained](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#xss?ts=markdown) * [Evolution in Attack Complexity](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#evolution?ts=markdown) * [Anatomy of a Cross-Site Scripting Attack](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#anatomy?ts=markdown) * [Integration in the Attack Lifecycle](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#integration?ts=markdown) * [Widespread Exposure in the Wild](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#widespread?ts=markdown) * [Cross-Site Scripting Detection and Indicators](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#indicators?ts=markdown) * [Prevention and Mitigation](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#mitigation?ts=markdown) * [Response and Recovery Post XSS Attack](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#response?ts=markdown) * [Strategic Cross-Site Scripting Risk Perspective](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#strategic?ts=markdown) * [Cross-Site Scripting FAQs](https://www.paloaltonetworks.com/cyberpedia/xss-cross-site-scripting#faqs?ts=markdown) * [What Is a Dictionary Attack?](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack?ts=markdown) * [Dictionary Attack Explained](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack#dictionary?ts=markdown) * [How Dictionary Attacks Work](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack#how?ts=markdown) * [Dictionary Attack in the Attack Lifecycle](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack#lifecycle?ts=markdown) * [Dictionary Attack in the Real World](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack#examples?ts=markdown) * [Dictionary Attack Detection and Indicators](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack#indicators?ts=markdown) * [Preventing and Mitigating Dictionary Attack](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack#preventing?ts=markdown) * [Attack Response and Recovery](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack#recovery?ts=markdown) * [Dictionary Attack FAQs](https://www.paloaltonetworks.com/cyberpedia/dictionary-attack#faqs?ts=markdown) * [What Is a Credential-Based Attack?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-credential-based-attack?ts=markdown) * [Credential-Based Attack Overview](https://www.paloaltonetworks.com/cyberpedia/what-is-a-credential-based-attack#credential?ts=markdown) * [How Credential-Based Attacks Work](https://www.paloaltonetworks.com/cyberpedia/what-is-a-credential-based-attack#how?ts=markdown) * [Variations on Credential-Based Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-credential-based-attack#variations?ts=markdown) * [Preventing Credential-Based Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-credential-based-attack#preventing?ts=markdown) * [Credential-Based Attack FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-credential-based-attack#faqs?ts=markdown) * [What Is a Denial of Service (DoS) Attack?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos?ts=markdown) * [How Denial-of-Service Attacks Work](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos#how?ts=markdown) * [Denial-of-Service in Adversary Campaigns](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos#denial?ts=markdown) * [Real-World Denial-of-Service Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos#attacks?ts=markdown) * [Detection and Indicators of Denial-of-Service Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos#detection?ts=markdown) * [Prevention and Mitigation of Denial-of-Service Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos#prevention?ts=markdown) * [Response and Recovery from Denial-of-Service Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos#response?ts=markdown) * [Operationalizing Denial-of-Service Defense](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos#defense?ts=markdown) * [DoS Attack FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-denial-of-service-attack-dos#faqs?ts=markdown) * [What Is Hacktivism?](https://www.paloaltonetworks.com/cyberpedia/hacktivism?ts=markdown) * [Hacktivism Explained](https://www.paloaltonetworks.com/cyberpedia/hacktivism#explained?ts=markdown) * [Origins and Definitions](https://www.paloaltonetworks.com/cyberpedia/hacktivism#origins?ts=markdown) * [Forms and Methods](https://www.paloaltonetworks.com/cyberpedia/hacktivism#forms?ts=markdown) * [Related Practices](https://www.paloaltonetworks.com/cyberpedia/hacktivism#related?ts=markdown) * [Who Do Hacktivists Target?](https://www.paloaltonetworks.com/cyberpedia/hacktivism#who?ts=markdown) * [What Motivates Hacktivists?](https://www.paloaltonetworks.com/cyberpedia/hacktivism#what?ts=markdown) * [Is Hacktivism Ethical?](https://www.paloaltonetworks.com/cyberpedia/hacktivism#ethical?ts=markdown) * [Hacktivism FAQs](https://www.paloaltonetworks.com/cyberpedia/hacktivism#faqs?ts=markdown) * [What Is a DDoS Attack?](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack?ts=markdown) * [Threat Overview](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack#threat?ts=markdown) * [How Distributed Denial-of-Service Attacks Work](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack#how?ts=markdown) * [DDoS in Multistage Attack Campaigns](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack#ddos?ts=markdown) * [Real-World DDoS Incidents and Organizational Impact](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack#impact?ts=markdown) * [DDoS Attack Detection Indicators](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack#indicators?ts=markdown) * [DDoS Prevention and Mitigation](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack#mitigation?ts=markdown) * [DDoS Response and Recovery](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack#recovery?ts=markdown) * [Distributed Denial of Service FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-a-ddos-attack#faqs?ts=markdown) * [What Is CSRF (Cross-Site Request Forgery)?](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery?ts=markdown) * [CSRF Explained](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#csrf?ts=markdown) * [How Cross-Site Request Forgery Works](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#how?ts=markdown) * [Where CSRF Fits in the Broader Attack Lifecycle](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#where?ts=markdown) * [CSRF in Real-World Exploits](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#exploits?ts=markdown) * [Detecting CSRF Through Behavioral and Telemetry Signals](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#detecting?ts=markdown) * [Defending Against Cross-Site Request Forgery](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#defending?ts=markdown) * [Responding to a CSRF Incident](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#responding?ts=markdown) * [CSRF as a Strategic Business Risk](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#risk?ts=markdown) * [Key Priorities for CSRF Defense and Resilience](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#key?ts=markdown) * [Cross-Site Request Forgery FAQs](https://www.paloaltonetworks.com/cyberpedia/csrf-cross-site-request-forgery#faqs?ts=markdown) * [What Is Spear Phishing?](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing?ts=markdown) * [Spear Phishing Email Tactics](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing#what?ts=markdown) * [How Does Spear Phishing Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing#how?ts=markdown) * [Types of Spear Phishing Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing#types?ts=markdown) * [Examples of Spear Phishing Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing#examples?ts=markdown) * [How to Protect Yourself from Spear Phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing#protect?ts=markdown) * [If You Fall Victim to Spear Phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing#victim?ts=markdown) * [Spear Phishing FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing#faq?ts=markdown) * [What Is Brute Force?](https://www.paloaltonetworks.com/cyberpedia/brute-force?ts=markdown) * [How Brute Force Functions as a Threat](https://www.paloaltonetworks.com/cyberpedia/brute-force#how?ts=markdown) * [How Brute Force Works in Practice](https://www.paloaltonetworks.com/cyberpedia/brute-force#practice?ts=markdown) * [Brute Force in Multistage Attack Campaigns](https://www.paloaltonetworks.com/cyberpedia/brute-force#brute?ts=markdown) * [Real-World Brute Force Campaigns and Outcomes](https://www.paloaltonetworks.com/cyberpedia/brute-force#outcomes?ts=markdown) * [Detection Patterns in Brute Force Attacks](https://www.paloaltonetworks.com/cyberpedia/brute-force#detection?ts=markdown) * [Practical Defense Against Brute Force Attacks](https://www.paloaltonetworks.com/cyberpedia/brute-force#defense?ts=markdown) * [Response and Recovery After a Brute Force Incident](https://www.paloaltonetworks.com/cyberpedia/brute-force#response?ts=markdown) * [Brute Force Attack FAQs](https://www.paloaltonetworks.com/cyberpedia/brute-force#faqs?ts=markdown) * [What is a Command and Control Attack?](https://www.paloaltonetworks.com/cyberpedia/command-and-control-explained?ts=markdown) * [How a Command and Control Attack Works](https://www.paloaltonetworks.com/cyberpedia/command-and-control-explained#how?ts=markdown) * [Types of Command and Control Techniques](https://www.paloaltonetworks.com/cyberpedia/command-and-control-explained#types?ts=markdown) * [Devices Targeted by C\&C](https://www.paloaltonetworks.com/cyberpedia/command-and-control-explained#devices?ts=markdown) * [What Hackers Can Accomplish Through Command and Control](https://www.paloaltonetworks.com/cyberpedia/command-and-control-explained#what?ts=markdown) * [Command and Control FAQs](https://www.paloaltonetworks.com/cyberpedia/command-and-control-explained#faqs?ts=markdown) * [What Is an Advanced Persistent Threat?](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt?ts=markdown) * [Characteristics of Advanced Persistent Threats](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt#characteristics?ts=markdown) * [What Techniques Are Used for APT Attacks?](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt#techniques?ts=markdown) * [What Are the Stages of an APT Attack?](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt#stages?ts=markdown) * [What Is the Defense Against APT?](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt#defense?ts=markdown) * [Real-World Example of an APT Attack](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt#realworld?ts=markdown) * [Advanced Persistent Threat FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-advanced-persistent-threat-apt#faqs?ts=markdown) * [What is an Exploit Kit?](https://www.paloaltonetworks.com/cyberpedia/what-is-an-exploit-kit?ts=markdown) * [Landing Page](https://www.paloaltonetworks.com/cyberpedia/what-is-an-exploit-kit#landing?ts=markdown) * [Exploit](https://www.paloaltonetworks.com/cyberpedia/what-is-an-exploit-kit#exploit?ts=markdown) * [Payload](https://www.paloaltonetworks.com/cyberpedia/what-is-an-exploit-kit#payload?ts=markdown) * [What Is Credential Stuffing?](https://www.paloaltonetworks.com/cyberpedia/credential-stuffing?ts=markdown) * [Credential Stuffing Explained](https://www.paloaltonetworks.com/cyberpedia/credential-stuffing#credential?ts=markdown) * [Automated Exploitation of Reused Credentials](https://www.paloaltonetworks.com/cyberpedia/credential-stuffing#automated?ts=markdown) * [Integration in the Attack Lifecycle](https://www.paloaltonetworks.com/cyberpedia/credential-stuffing#integration?ts=markdown) * [Credential Stuffing Attacks in the Real World](https://www.paloaltonetworks.com/cyberpedia/credential-stuffing#stuffing?ts=markdown) * [Responding and Recovering from Credential Stuffing](https://www.paloaltonetworks.com/cyberpedia/credential-stuffing#responding?ts=markdown) * [Credential Stuffing FAQs](https://www.paloaltonetworks.com/cyberpedia/credential-stuffing#faqs?ts=markdown) * [What Is Smishing?](https://www.paloaltonetworks.com/cyberpedia/what-is-smishing?ts=markdown) * [How to Spot a Smishing Attempt](https://www.paloaltonetworks.com/cyberpedia/what-is-smishing#spot-smishing-attempt?ts=markdown) * [How to Avoid Being Smished](https://www.paloaltonetworks.com/cyberpedia/what-is-smishing#avoid-being-smished?ts=markdown) * [Smishing FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-smishing#faqs?ts=markdown) * What is Social Engineering? * [The Role of Human Psychology in Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#role?ts=markdown) * [How Has Social Engineering Evolved?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#historical?ts=markdown) * [How Does Social Engineering Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#how?ts=markdown) * [Phishing vs Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#phishing?ts=markdown) * [What is BEC (Business Email Compromise)?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#bec?ts=markdown) * [Notable Social Engineering Incidents](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#notable?ts=markdown) * [Social Engineering Prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#social?ts=markdown) * [Consequences of Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#consequences?ts=markdown) * [Social Engineering FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#faqs?ts=markdown) * [What Is a Honeypot?](https://www.paloaltonetworks.com/cyberpedia/honeypots?ts=markdown) * [Threat Overview: Honeypot](https://www.paloaltonetworks.com/cyberpedia/honeypots#threat?ts=markdown) * [Honeypot Exploitation and Manipulation Techniques](https://www.paloaltonetworks.com/cyberpedia/honeypots#honeypot?ts=markdown) * [Positioning Honeypots in the Adversary Kill Chain](https://www.paloaltonetworks.com/cyberpedia/honeypots#positioning?ts=markdown) * [Honeypots in Practice: Breaches, Deception, and Blowback](https://www.paloaltonetworks.com/cyberpedia/honeypots#blowback?ts=markdown) * [Detecting Honeypot Manipulation and Adversary Tactics](https://www.paloaltonetworks.com/cyberpedia/honeypots#tactics?ts=markdown) * [Safeguards Against Honeypot Abuse and Exposure](https://www.paloaltonetworks.com/cyberpedia/honeypots#safeguards?ts=markdown) * [Responding to Honeypot Exploitation or Compromise](https://www.paloaltonetworks.com/cyberpedia/honeypots#compromise?ts=markdown) * [Honeypot FAQs](https://www.paloaltonetworks.com/cyberpedia/honeypots#faqs?ts=markdown) * [What Is Password Spraying?](https://www.paloaltonetworks.com/cyberpedia/password-spraying?ts=markdown) * [Password Spraying Explained](https://www.paloaltonetworks.com/cyberpedia/password-spraying#password?ts=markdown) * [How Password Spraying Works](https://www.paloaltonetworks.com/cyberpedia/password-spraying#works?ts=markdown) * [Password Spraying in the Broader Attack Lifecycle](https://www.paloaltonetworks.com/cyberpedia/password-spraying#attack?ts=markdown) * [Real-World Examples of Password Spraying Attacks](https://www.paloaltonetworks.com/cyberpedia/password-spraying#realworld?ts=markdown) * [Detection and Indicators](https://www.paloaltonetworks.com/cyberpedia/password-spraying#detection?ts=markdown) * [Preventing and Mitigating Password Spraying Attacks](https://www.paloaltonetworks.com/cyberpedia/password-spraying#mitigating?ts=markdown) * [Responding to Password Spraying](https://www.paloaltonetworks.com/cyberpedia/password-spraying#responding?ts=markdown) * [Password Spraying FAQs](https://www.paloaltonetworks.com/cyberpedia/password-spraying#faqs?ts=markdown) * [How to Break the Cyber Attack Lifecycle](https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle?ts=markdown) * [1. Reconnaissance:](https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle#reconnaissance?ts=markdown) * [2. Weaponization and Delivery:](https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle#weaponization?ts=markdown) * [3. Exploitation:](https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle#exploitation?ts=markdown) * [4. Installation:](https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle#installation?ts=markdown) * [5. Command and Control:](https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle#command?ts=markdown) * [6. Actions on the Objective:](https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle#actions?ts=markdown) * [Cyber Attack Lifecycle FAQs](https://www.paloaltonetworks.com/cyberpedia/how-to-break-the-cyber-attack-lifecycle#faqs?ts=markdown) * [What Is Phishing?](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown) * [Phishing Explained](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#phishing?ts=markdown) * [The Evolution of Phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#?ts=markdown) * [The Anatomy of a Phishing Attack](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#anatomy?ts=markdown) * [Why Phishing Is Difficult to Detect](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#detect?ts=markdown) * [Types of Phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#types?ts=markdown) * [Phishing Adversaries and Motives](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#motives?ts=markdown) * [The Psychology of Exploitation](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#psychology?ts=markdown) * [Lessons from Phishing Incidents](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#lessons?ts=markdown) * [Building a Modern Security Stack Against Phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#building?ts=markdown) * [Building Organizational Immunity](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#immunity?ts=markdown) * [Phishing FAQ](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing#faqs?ts=markdown) * [What Is a Rootkit?](https://www.paloaltonetworks.com/cyberpedia/rootkit?ts=markdown) * [Rootkit Classification and Technical Definition](https://www.paloaltonetworks.com/cyberpedia/rootkit#rootkit?ts=markdown) * [Types of Rootkits](https://www.paloaltonetworks.com/cyberpedia/rootkit#types?ts=markdown) * [Rootkit Installation and Execution Flow](https://www.paloaltonetworks.com/cyberpedia/rootkit#installation?ts=markdown) * [Integration in the Attack Lifecycle](https://www.paloaltonetworks.com/cyberpedia/rootkit#integration?ts=markdown) * [Cyberattacks Involving Rootkits in the News](https://www.paloaltonetworks.com/cyberpedia/rootkit#cyberattacks?ts=markdown) * [Rootkit Detection and Indicators](https://www.paloaltonetworks.com/cyberpedia/rootkit#indicators?ts=markdown) * [Prevention and Mitigation](https://www.paloaltonetworks.com/cyberpedia/rootkit#prevention?ts=markdown) * [Responding to Rootkit-Related Attacks](https://www.paloaltonetworks.com/cyberpedia/rootkit#responding?ts=markdown) * [Rootkit FAQs](https://www.paloaltonetworks.com/cyberpedia/rootkit#faqs?ts=markdown) * [Browser Cryptocurrency Mining](https://www.paloaltonetworks.com/cyberpedia/threat-brief-browser-cryptocurrency-mining?ts=markdown) * [How It Works](https://www.paloaltonetworks.com/cyberpedia/threat-brief-browser-cryptocurrency-mining#works?ts=markdown) * [How to Defend Against It](https://www.paloaltonetworks.com/cyberpedia/threat-brief-browser-cryptocurrency-mining#defend?ts=markdown) * [Browser Cryptocurrency Mining FAQs](https://www.paloaltonetworks.com/cyberpedia/threat-brief-browser-cryptocurrency-mining#faqs?ts=markdown) * [What Is Pretexting?](https://www.paloaltonetworks.com/cyberpedia/pretexting?ts=markdown) * [Pretexting Explained](https://www.paloaltonetworks.com/cyberpedia/pretexting#pretexting?ts=markdown) * [Evolution of the Attack Technique](https://www.paloaltonetworks.com/cyberpedia/pretexting#evolution?ts=markdown) * [How Pretexting Works](https://www.paloaltonetworks.com/cyberpedia/pretexting#how?ts=markdown) * [Integration in the Attack Lifecycle](https://www.paloaltonetworks.com/cyberpedia/pretexting#integration?ts=markdown) * [Real-World Examples](https://www.paloaltonetworks.com/cyberpedia/pretexting#examples?ts=markdown) * [Pretexting Detection Tactics in Live Environments](https://www.paloaltonetworks.com/cyberpedia/pretexting#detection?ts=markdown) * [Prevention and Mitigation](https://www.paloaltonetworks.com/cyberpedia/pretexting#mitigation?ts=markdown) * [Pretexting FAQs](https://www.paloaltonetworks.com/cyberpedia/pretexting#faqs?ts=markdown) * [What Is Cryptojacking?](https://www.paloaltonetworks.com/cyberpedia/cryptojacking?ts=markdown) * [Understanding Cryptojacking](https://www.paloaltonetworks.com/cyberpedia/cryptojacking#understanding?ts=markdown) * [Types of Cryptojacking and Resource Abuse Attacks](https://www.paloaltonetworks.com/cyberpedia/cryptojacking#types?ts=markdown) * [How Cryptojacking Works](https://www.paloaltonetworks.com/cyberpedia/cryptojacking#how?ts=markdown) * [Cryptojacking in the Adversary Kill Chain](https://www.paloaltonetworks.com/cyberpedia/cryptojacking#chain?ts=markdown) * [Real-World Cases of Cryptojacking](https://www.paloaltonetworks.com/cyberpedia/cryptojacking#cases?ts=markdown) * [Prevention and Mitigation](https://www.paloaltonetworks.com/cyberpedia/cryptojacking#prevention?ts=markdown) * [Response and Recovery](https://www.paloaltonetworks.com/cyberpedia/cryptojacking#response?ts=markdown) * [Cryptojacking FAQs](https://www.paloaltonetworks.com/cyberpedia/cryptojacking#faqs?ts=markdown) # What is Social Engineering? 5 min. read Table of Contents * * [The Role of Human Psychology in Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#role?ts=markdown) * [How Has Social Engineering Evolved?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#historical?ts=markdown) * [How Does Social Engineering Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#how?ts=markdown) * [Phishing vs Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#phishing?ts=markdown) * [What is BEC (Business Email Compromise)?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#bec?ts=markdown) * [Notable Social Engineering Incidents](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#notable?ts=markdown) * [Social Engineering Prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#social?ts=markdown) * [Consequences of Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#consequences?ts=markdown) * [Social Engineering FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#faqs?ts=markdown) 1. The Role of Human Psychology in Social Engineering * * [The Role of Human Psychology in Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#role?ts=markdown) * [How Has Social Engineering Evolved?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#historical?ts=markdown) * [How Does Social Engineering Work?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#how?ts=markdown) * [Phishing vs Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#phishing?ts=markdown) * [What is BEC (Business Email Compromise)?](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#bec?ts=markdown) * [Notable Social Engineering Incidents](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#notable?ts=markdown) * [Social Engineering Prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#social?ts=markdown) * [Consequences of Social Engineering](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#consequences?ts=markdown) * [Social Engineering FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-social-engineering#faqs?ts=markdown) Social engineering is a manipulation technique cybercriminals use to deceive individuals into divulging confidential information or performing actions that compromise security. It exploits human psychology rather than technical vulnerabilities, often involving [phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-phishing?ts=markdown), pretexting, or baiting tactics to gain unauthorized access to systems, data, or physical locations. ## The Role of Human Psychology in Social Engineering Social engineering takes advantage of key aspects of human psychology by targeting traits such as trust, fear, curiosity, and urgency. It manipulates individuals into revealing confidential information or taking actions that may compromise their security. Attackers craft situations that cloud judgment and hinder rational decision-making by understanding how people react under pressure or when faced with tempting opportunities. For example, a social engineer might create a sense of urgency by impersonating a trusted authority figure and presenting a scenario that incites fear or concern. This can prompt the victim to act quickly without fully verifying the situation. Such psychological manipulation exploits the natural human tendency to help, comply, or respond to authority, which research shows is deeply embedded in our social behaviors. Attorneys can circumvent traditional security measures individuals believe will protect them by appealing to emotions. This often leads to surprisingly successful exploits, even in the presence of advanced technological defenses. The reliance on these psychological tactics makes social engineering a powerful tool for cybercriminals, emphasizing the critical importance of awareness and education in addition to technical security measures. ## How Has Social Engineering Evolved? Social engineering has dramatically changed from the early tricks scammers and con artists used. With new technology, these methods have become more complicated and widespread. Initially, social engineering relied on face-to-face interactions to trick people out of their money or information. Now, as the Internet has grown, these tactics have moved online. This shift has allowed criminals to exploit the anonymity and broad reach of digital communication. The growth of social engineering shows how technology has advanced and how much people and organizations depend on digital information systems. It is crucial to understand and anticipate new strategies that attackers might use. As social engineering tactics become more sophisticated, they pose an ongoing threat that requires constant awareness and protective measures. ## How Does Social Engineering Work? Social engineering is a psychological manipulation technique that exploits human nature and behavior patterns to gain unauthorized access to systems, data, or resources. Here's how it typically works: **Key Psychological Triggers:** Authority---Attackers impersonate authority figures, such as executives or IT staff, to pressure victims into complying with requests. For example, an attacker might pose as a CEO requesting urgent wire transfer approval. **Urgency:** Creating artificial time pressure forces quick, poorly considered decisions. An attacker might claim, "Your account will be deleted in 1 hour unless you verify your credentials now." **Fear/Intimidation:** Threats of negative consequences manipulate victims into taking unsafe actions. For example, the attacker could claim, "Your system is infected---click here immediately or risk data loss." **Trust:** Building rapport and appearing legitimate helps bypass normal security skepticism. An attacker might research a target on LinkedIn to reference mutual connections or shared experiences. **Common Attack Patterns:** 1. **Research \& Reconnaissance -** Attackers gather information about targets from social media, company websites, and other public sources to make their approaches more convincing. 2. **Initial Contact -** They reach out through email, phone, text or in person using a pretext aligned with their research. The communication seems legitimate but contains subtle red flags. 3. **Hook \& Manipulation -** Using psychological triggers, they present a problem requiring the target to take a specific action like sharing credentials or transferring funds. 4. **Execution -** Once trust is established, they exploit the access or information gained, often leaving few traces of the manipulation. Prevention depends on security awareness training, verification procedures for sensitive requests, and fostering a culture where employees feel empowered to question suspicious interactions - even from apparent authority figures. ### Psychological Manipulation Techniques **Reciprocity:** When attackers provide something of value first, victims feel obligated to return the favor. For instance, a hacker might send a "free security audit tool" that's [malware](https://www.paloaltonetworks.com/cyberpedia/what-is-malware?ts=markdown), counting on the recipient feeling compelled to use it since they received something "helpful." **Social Proof:** People follow others' actions, especially in uncertain situations. Attackers exploit this by creating fake scenarios showing others complying with their requests. They might send phishing emails claiming "90% of your colleagues have already updated their passwords" to pressure targets into following suit. **Scarcity:** Creating artificial limitations drives urgent, emotional responses over logical ones. An attacker might claim "Only 2 spots remaining for this security upgrade" or "This special access expires in 24 hours" to force hasty decisions. **Commitment \& Consistency:** Once people take a small action, they're more likely to continue that behavior to appear consistent. Attackers start with minor requests before escalating to more sensitive ones. They might first ask for public company information, then gradually work up to requesting confidential data. **Authority:** Beyond just impersonating authority figures, attackers use specific techniques like: * Using official-looking email domains and signatures * Referencing internal procedures or systems * Dropping names of actual executives or departments * Creating artificial hierarchies or approval chains **Likability:** Attackers build rapport through: * Mirroring communication styles and preferences * Finding or fabricating common interests and backgrounds * Using flattery and recognition strategically * Presenting themselves as helpful problem-solvers **Manipulation through Distraction:** People make poorer security decisions when under stress or cognitive load. Attackers might: * Create artificial crises requiring immediate action * Overwhelm targets with technical jargon or complex instructions * Time attacks during busy periods like end of quarter * Exploit decision fatigue at the end of workdays These techniques are particularly effective because they exploit fundamental human psychological patterns that persist even when people are aware of them. ### Common Strategies Used by Attackers **Pretexting** Attackers create detailed fictional scenarios to justify their requests for information or access. For example, they might pose as: * A new employee needing urgent system access * An IT auditor conducting security checks * A vendor requiring contract verification * An executive assistant handling confidential tasks **Phishing \& Its Variants** Beyond basic email phishing, attackers employ sophisticated variations: * **Spear Phishing:** [Spear phishing](https://www.paloaltonetworks.com/cyberpedia/what-is-spear-phishing?ts=markdown) involves highly targeted attacks that use detailed personal/professional information to appear legitimate. They might reference recent business deals or specific projects. * **Whaling:** Targeting high-level executives with tailored approaches, often involving financial requests or sensitive data access. * **Vishing (Voice Phishing):** Using phone calls to manipulate targets, often spoofing legitimate phone numbers and using professional scripts. * **Smishing:** [Smishing](https://www.paloaltonetworks.com/cyberpedia/what-is-smishing?ts=markdown) is phishing through text messages (SMS). Attackers send fake delivery notifications or urgent messages claiming account breaches or prizes. **Impersonation Techniques** Physical impersonation involves: * Tailgating authorized personnel into secure areas * Wearing convincing uniforms or fake ID badges * Claiming to be maintenance or delivery workers * Acting confidently to avoid suspicion Digital impersonation includes:: * Creating lookalike email addresses (e.g., john@companey.com vs john@company.com) * Cloning legitimate websites * Using stolen credentials * Hijacking trusted email threads **Baiting** Attackers leave infected physical devices like: * USB drives in parking lots * Free promotional items at trade shows * "Lost" devices near target locations contain malware that activates when connected. **Quid Pro Quo** Offering something in exchange for information: * Free security scans * IT support services * Software upgrades * Professional consultations **Water Holing** Compromising websites frequently visited by targets: * Industry news sites * Professional forums * Vendor portals * Social media platforms ## Phishing vs Social Engineering Phishing and social engineering are related concepts in cybersecurity but are different. Phishing is a subset of social engineering that specifically uses fraudulent electronic communications like emails, websites, messaging apps, and social media to deceive targets. While all phishing is social engineering, social engineering encompasses a broader range of manipulation tactics including: * In-person deception (pretexting, impersonation) * Voice calls (vishing) * Physical access methods (tailgating) * Baiting (leaving infected devices) * Quid pro quo offers (fake IT support) Discover the [differences between Phishing and Business Email Compromise (BEC).](https://www.paloaltonetworks.com/cyberpedia/difference-between-business-email-compromise-BEC-and-phishing?ts=markdown) ![The image above describes the steps an attacker or bad actor will take to accomplish their specific phishing goals and objectives.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-social-engineering/the-steps-in-a-phishing-attack.png "The Steps in a Phishing Attack") ## What is BEC (Business Email Compromise)? [Business Email Compromise (BEC)](https://www.paloaltonetworks.com/cyberpedia/types-of-business-email-compromise-bec-scams?ts=markdown) is a sophisticated scam targeting businesses that perform wire transfers. Attackers impersonate executives or trusted vendors through compromised or spoofed email accounts to authorize fraudulent payments. ![This diagram shows how a BEC cycle works, from the initial fake email to the wire transfer paid out to the threat actor.](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/cyberpedia/what-is-social-engineering/business-email-compromise-case-study.png "Business Email Compromise Case Study") ## Notable Social Engineering Incidents Several high-profile social engineering incidents have occurred over the years. Understanding these incidents highlights the importance of personal vigilance and resilient cybersecurity practices in protecting sensitive information against social engineering attacks. ### The Twitter VIP Account Hack (2020) A group of teenagers compromised high-profile Twitter accounts, including Barack Obama, Bill Gates, and Elon Musk, through phone spear-phishing attacks targeting Twitter employees. The attackers specifically targeted remote workers during COVID-19 lockdown, exploiting reduced security oversight in work-from-home environments. The compromise affected 130 high-profile accounts, including major corporations, celebrities, and political figures. This is how they did it: * Convinced Twitter staff they were from IT support * Gained access to internal admin tools * Hijacked 130 high-profile accounts * Used the accounts for a cryptocurrency scam that netted over $100,000 * This incident highlighted how even major tech companies can be vulnerable to basic social engineering tactics. ### The RSA SecurID Breach (2011) The breach compromised SecurID two-factor authentication tokens used by numerous defense contractors and government agencies, requiring a massive token replacement effort and highlighting [supply chain security](https://www.paloaltonetworks.com/cyberpedia/what-is-cloud-software-supply-chain-security?ts=markdown) risks. Attackers compromised RSA's widely-used two-factor authentication system by: * Sending targeted phishing emails to small groups of employees * Using an Excel spreadsheet containing malware * Exploiting the compromised credentials to access RSA's systems * Stealing information about SecurID authentication tokens * This breach ultimately cost RSA's parent company EMC $66 million and led to the replacement of SecurID tokens for many customers. ### The Sony Pictures Hack (2014) The "Guardians of Peace" hackers used social engineering to: * Gather information about Sony's internal structure * Send convincing spear-phishing emails to executives * Obtain admin credentials through impersonation * Access and leak confidential data, including unreleased films * The attack resulted in approximately $41.5 million in direct recovery costs through March 2015, according to Sony's official financial statements. ### The Ubiquiti Networks BEC Scam (2015) Criminals used business email compromise to: * Impersonate executives and finance personnel * Direct finance staff to make wire transfers * Successfully stole $46.7 million through fraudulent transfers * Demonstrate how convincing impersonation can bypass standard controls ### FACC CEO Fraud (2016) Aircraft parts manufacturer FACC lost €50 million when attackers: * Impersonated the CEO in emails to the financial department * Created elaborate stories about a supposed secret acquisition * Convinced employees to transfer large sums to foreign accounts * This led to the termination of both the CEO and CFO ## Social Engineering Prevention The best defense against these attacks involves a comprehensive approach that combines awareness, education, and technology. Educating employees and individuals about the common tactics attackers use---such as phishing emails and deceptive phone calls---can significantly reduce the likelihood of falling victim to these schemes. Organizations should implement resilient security protocols, including multi-factor authentication and regular password updates, to protect their systems further. Additionally, fostering a culture of skepticism where individuals are encouraged to question unexpected requests for information or assistance can be a vital line of defense. Organizations should: * Implement documented incident response plans * Conduct regular penetration testing and security assessments * Deploy MFA solutions resistant to social engineering (e.g., FIDO2 security keys rather than SMS-based authentication) * Establish clear procedures for verifying unusual requests, especially financial transactions ### How to Spot Social Engineering Attacks Spotting social engineering attacks requires a keen awareness of communication patterns and red flags that signal potential deception. To identify these attacks, individuals should: * Be cautious of requests for sensitive information, especially when such inquiries are unexpected or come from unfamiliar sources. * Verify the identity of a requester through independent channels, such as contacting the organization directly through official contact information. * Scrutinize email addresses for subtle discrepancies and be wary of urgent language that pressures immediate action to identify phishing schemes. * Conduct Training and awareness programs highlighting these techniques to empower users to recognize signs of social engineering attempts. ## Consequences of Social Engineering Organizations often spend substantial resources on damage control and improving security measures after an incident, which can divert focus from other critical business operations. Social engineering attacks can have profound consequences, impacting individuals and organizations in many ways. For individuals: * Significant financial losses * Identity theft * A severe breach of personal privacy * Emotional scars as victims may feel violated and vulnerable For organizations: * Compromised data integrity * Potential economic repercussions * Loss of reputation and erosion of customer trust All of these are difficult to recover from. The long-term effects of social engineering on security involve continually adapting to new threats, as attackers also innovate and refine their techniques. ## Social Engineering FAQs ### What steps can individuals take to protect themselves from social engineering? To protect yourself: * Be cautious of unsolicited messages and verify the sender's identity. * Avoid clicking on suspicious links or attachments. * Use strong, unique passwords and enable multi-factor authentication (MFA). * Educate yourself and others about common attack methods. * Stay alert for emotional manipulation, like threats, promises, or urgency. ### How do social engineering attacks target organizations? Social engineering attacks target organizations by exploiting employees, contractors, or even third-party vendors. Attackers may impersonate IT support, executives, or trusted partners to trick individuals into sharing credentials, transferring funds, or providing access to internal systems. Techniques like spear phishing, vishing (voice phishing), and physical infiltration are commonly used to compromise businesses. ### Can social engineering be prevented with technology alone? No, social engineering cannot be fully prevented with technology alone because it targets human behavior rather than technical vulnerabilities. While security tools like email filters, firewalls, and multi-factor authentication help reduce risks, employee education, awareness training, and strong security policies are essential to prevent social engineering attacks. ### What are some real-world examples of social engineering attacks? Some notable examples include: * The Twitter Hack (2020): Attackers used social engineering to trick employees into providing access to internal systems, leading to high-profile account takeovers. * Google and Facebook Scam: Attackers impersonated a vendor and tricked employees into transferring over $100 million through fake invoices. * The Target Data Breach (2013): Hackers used a phishing attack on a third-party HVAC vendor to access Target's network, compromising millions of customer records. These examples highlight the importance of vigilance and layered security measures to combat social engineering. Related Content [What Is Attack Surface Assessment? Learn about the three types of attack surfaces and get tips to reduce your attack surface risk.](https://www.paloaltonetworks.com/cyberpedia/attack-surface-assessment?ts=markdown) [Whitepaper: Maximizing Phishing Email Analysis: Open AI and Cortex XSOAR Join Forces Learn how to supercharge your phishing analysis in Cortex XSOAR using OpenAI, a powerful combination.](https://www.paloaltonetworks.com/resources/whitepapers/maximizing-phishing-email-analysis-openai-and-cortex-xsoar-join-forces-for-enhanced-results?ts=markdown) [Cortex XSIAM Product Tour Empower your security analysts with Cortex XSIAM, a platform that unites SOC capabilities such as XDR, SOAR, SIEM, ASM, and others into a single SecOps platform.](https://www.paloaltonetworks.com/resources/infographics/xsiam-product-tour?utm_source=m&ts=markdown) [SYMPHONY25 | 1- Hour Virtual Summit: Undermine Adversaries, Unleash SecOps Don't miss out on the ultimate SOC Transformation Event, where you can witness the future of the AI and automation-driven SOC.](https://start.paloaltonetworks.com/symphony2025) ![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20is%20Social%20Engineering%3F&body=Explore%20social%20engineering%20tactics%2C%20how%20cybercriminals%20manipulate%20human%20behavior%20to%20breach%20security%2C%20and%20key%20strategies%20to%20protect%20against%20these%20attacks.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-is-social-engineering) Back to Top [Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-smishing?ts=markdown) What Is Smishing? [Next](https://www.paloaltonetworks.com/cyberpedia/honeypots?ts=markdown) What Is a Honeypot? {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language