Read Post

Shoulder Surfing (Social Engineering)

04/10/2025 01:52:50 pm

By Timothy Iloba

Shoulder Surfing (Social Engineering)

Shoulder Surfing is a social engineering technique used by malicious attackers to steal confidential and sensitive information from their victims.

 

They do this by looking over the shoulder of an unsuspecting victim.

 

Think of it this way. Let’s say you are in a public place and you bring out your phone to carryout a bank transaction and as you type your pin or password, someone looks over your shoulder and sees the password you typed without you noticing.

 

That’s Should surfing and in most cases, the victims are totally unaware of the attack.

 

Shoulder surfing is not limited to just peeping over a victim’s shoulder alone. It also involves the use of hidden cameras, Key-loggers and ATM skimmers to steal sensitive information from unsuspecting victims.

 

Malicious attackers can install hidden cameras at ATM points to monitor victims and steal card pins, they also make use of what we call ATM skimmers. ATM skimmers are fake keypads that are installed on ATMs to steal card details. An Attacker can also install a Key-logger on a victim’s device and will get access to any password that is typed on that device.

 

All these I mentioned above are methods used to carryout shoulder surfing attacks.

 

This Kind of attack takes advantage of a victim’s sense of security, negligence and lack of attentiveness.

 

You can protect yourself by always being at alert whenever typing sensitive information on your phone. Make sure no one is behind you or close to you. Also, whenever at an ATM stand, make sure to be alert and cover your keypad when typing your pin. Banks should also perform routine checks on all their ATM points to check out for hidden cameras or ATM skimmers.

 

Be informed! I will leave you with this acronym we use in the world of cyber security (ABC)

 

A - Assume nothing

B - Believe nothing

C - Confirm everything

 

Thanks for reading. I am Timothy, a software engineer with great love for cyber security.

 

If you found this insightful, feel free to follow me for me for more.

shouldersurfing, cybersecurity