100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace

Social Engineering Awareness Cheat Sheet

Social Engineering Awareness Cheat Sheet

Covers common social engineering attack techniques, red-flag indicators, and practical verification steps to help employees resist manipulation.

1 PageBeginnerFeb 2, 2026

Common Attack Types

The main social engineering techniques attackers use.

  • Phishing- Mass email impersonating a trusted brand to harvest credentials or deliver malware
  • Spear phishing- Highly targeted phishing using personal details about the victim or organization
  • Vishing- Voice-call phishing, often impersonating IT support, banks, or executives
  • Smishing- Phishing via SMS text messages, frequently spoofing delivery or bank alerts
  • Pretexting- Attacker invents a fabricated scenario (e.g. auditor, vendor) to extract information
  • Baiting- Leaving infected USB drives or fake downloads to lure victims into executing malware
  • Tailgating- Following an authorized employee through a secure door without badging in
  • Quid pro quo- Offering a fake service or reward (e.g. 'free tech support') in exchange for access

Red Flags to Watch For

Signals that a message or call may be a social engineering attempt.

  • Urgency- Pressure to act immediately, bypassing normal verification steps
  • Authority impersonation- Sender claims to be a CEO, executive, or law enforcement to discourage questioning
  • Mismatched sender domain- Display name looks legitimate but the reply-to or domain is subtly misspelled
  • Unusual payment requests- Wire transfers, gift cards, or invoice changes requested outside normal process
  • Generic greeting with personal ask- 'Dear user' combined with a request for sensitive credentials or data
  • Unexpected attachments/links- Links or files you did not request, especially with shortened URLs

Checking Email Authenticity

Inspect SPF/DKIM/DMARC results in raw email headers to spot spoofing.

bash
# View raw headers (Gmail: 'Show original', Outlook: 'View message details')# Look for authentication results, e.g.:#   Authentication-Results: mx.example.com;#     spf=fail smtp.mailfrom=attacker.com;#     dkim=none;#     dmarc=fail (p=REJECT) header.from=yourbank.com# spf=fail  -> sending server not authorized for that domain# dkim=fail -> message content/signature does not match# dmarc=fail -> policy says reject/quarantine unauthenticated mail

What To Do When Targeted

Recommended response steps for suspected social engineering attempts.

  • Do not respond directly- Never reply to or call numbers provided in the suspicious message
  • Verify out-of-band- Call the person or company using a known, previously saved phone number
  • Report to security team- Forward phishing emails to your organization's designated abuse/security mailbox
  • Do not enter credentials- Never log in via a link from an unsolicited email; navigate to the site directly
  • Preserve evidence- Keep the original email/message headers intact for incident response analysis
Pro Tip

For high-value requests like wire transfers or password resets, establish a pre-agreed verbal 'safe phrase' with finance and IT teams — attackers using deepfake voice or video can mimic tone and appearance, but not a shared secret they were never told.

Was this cheat sheet helpful?

Explore Topics

#SocialEngineeringAwareness#SocialEngineeringAwarenessCheatSheet#Cybersecurity#Beginner#CommonAttackTypes#RedFlagsToWatchFor#VerifyingASuspiciousLink#CheckingEmailAuthenticity#CheatSheet#SkillVeris