// GLOSSARY -- SECURITY & COMPLIANCE

What is Social Engineering?

1 min read Updated

Social engineering in crypto is the manipulation of people into performing actions or divulging confidential information — exploiting human psychology rather than technical vulnerabilities.

WHY IT MATTERS

Social engineering is often more effective than hacking code. Techniques include: impersonating project team members, fake job offers that install malware, compromised Discord/Telegram accounts posting fake announcements, and elaborate pretexting to gain trust.

The crypto space is particularly vulnerable: pseudonymous culture makes impersonation easy, the irreversibility of transactions means stolen funds can't be recovered, and the technical complexity creates opportunities for fake 'helpers.'

Notable social engineering attacks have compromised exchange hot wallets, protocol multisigs, and individual high-value wallets. The human element is often the weakest link in any security system.

FREQUENTLY ASKED QUESTIONS

What are common crypto social engineering attacks?
Fake support agents asking for seed phrases, compromised Discord bots posting phishing links, fake job interviews with malware-laden 'tests,' and SIM-swap attacks to bypass 2FA.
How to protect against social engineering?
Trust but verify: confirm identities through multiple channels, never share seed phrases or private keys, use hardware wallets, enable robust 2FA (not SMS), and be skeptical of urgency.
Can organizations prevent social engineering?
Partially. Security awareness training, hardware security keys, multisig wallets (no single point of compromise), and operational security procedures reduce risk but can't eliminate it entirely.

FURTHER READING

Enforce policies on every tool call

Intercept is the open-source MCP proxy that enforces YAML policies on AI agent tool calls. No code changes needed.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.