What is social engineering?
Social engineering manipulates people into taking actions or revealing information. Rather than exploiting technical vulnerabilities, it exploits human psychology: trust, fear, urgency, and authority. Email is a primary social engineering channel.
Techniques include phishing (impersonating trusted entities), pretexting (creating false scenarios), baiting (offering something desirable), and quid pro quo (offering services in exchange for information). All rely on psychological manipulation.
Defense is primarily educational. Technical controls help but can't prevent determined social engineering. Training users to recognize manipulation techniques, verify requests through trusted channels, and resist pressure is essential.