Shoulder surfing is a social engineering attack where the attacker peeps or eavesdrops on a person’s sensitive information. They do this by watching over the victim’s shoulder or from a nearby location. This attack is common in crowded places such as café, ATMs and airports.
Example:
Sarah discreetly observes John as he enters his credit card PIN at a coffee shop payment terminal and later at an ATM. Sarah memorizes his PIN without John’s knowledge and later uses it to access his bank account and carry out unauthorized transactions.
Prevention Tips:
- Be aware of your surroundings when entering sensitive information.
- Shield your screen and keypad when entering PINs, or passwords.
- Use privacy screens on your devices.