Introduction. The paper focuses on language means exploited by social engineers in their activities in terms of humanitarian aspects of cybersecurity. The goal of this research is to analyze the methods and techniques employed by social engineers in their malicious activity and its features from a psycholinguistic point of view for further development of counteraction mechanisms.
Methods. To obtain results we used the following methods: primary source analysis, analysis of spoken and written speech and speech products, and intent analysis.
Results. The activity theory has been successfully applied to consider the key features of social engineers’ work. On the base of AT we presented a three-component model which we may consider only in the case of a social engineer’s successful attack (action).
Based on the analysis of the sources, we distinguished the types of spoken and written communication actions (these types correspond to direct and indirect actions), used by social engineers to affect the cognitive processes for retrieving “sensitive data” and confidential information. Besides, we also categorized psychological and language means, which social engineers evidently apply in their activities. We stress that in most cases social engineers’ activities are aimed at a) affecting the person’s emotions and feelings; b) blocking rational and critical thinking; c) manipulating moral and ethic values, and d) using positive incentives that have an interest to a user. Taking into account the abovementioned types of communication, psychological and language means, we systematized and described the general techniques of using oral and written forms of language and technologies: 1) techniques related to the use of spoken speech; 2) techniques related to the use of written speech; 3) techniques related to the use of USB flash drives, applications, and program software.
The findings are applicable for developing a mechanism to counter social engineers’ attacks and contribute to improving the level of cyber literacy.