Extremely Easy Security — Learn Social Engineering in Plain English (1.1 Part 2)

It looked much better in my head. Also, this drawing provides absolutely no clarity between phishing and whaling whatsoever.


Dumpster Diving

Shoulder Surfing



Eliciting Information

A stranger offers beer to Steve and Steve tells him his credit card number before accepting the beer. Make sure to only reveal sensitive private information after accepting beer.


Identity Fraud

That was supposed to be a bear. I am really sorry. I do not know why he looks so depressed or has wings for hands.

Invoice Scams

Credential Harvesting




Watering Hole Attack

Next Up: Err… Part 3 isn’t out yet, but if you want updates, you can subscribe to my blog. Yay!




Writer, ethical hacker, humorist. Extremely Easy Security.
