exploiting-improper-input-validation-for-social-engineering-attacks