Attacks & Threats
Shoulder Surfing
Also known as: Visual eavesdropping
Definition
Observing someone's screen, keyboard, or PIN pad over their shoulder — directly or via cameras — to steal credentials, codes, or sensitive information.
Examples
- Reading a traveler's email through the screen on a packed train.
- Using a hidden camera near an ATM to capture PINs and card details.
Related terms
Social Engineering
The psychological manipulation of people into performing actions or disclosing confidential information that benefits an attacker.
Dumpster Diving
Searching through an organisation's or person's discarded materials — paper, removable media, hardware — to recover sensitive information.
Tailgating
A physical intrusion technique where an attacker slips through an access control by closely following an authorized person without their consent or awareness.
Piggybacking
Unauthorized physical or logical access gained when an authorized person knowingly allows an attacker to follow them past an access control.
Phishing
A social-engineering attack in which an attacker impersonates a trusted party to trick a victim into revealing credentials, transferring money, or running malware.
Password