Social Engineering
What is Social Engineering?
Social engineering is the use of psychological manipulation, deception, or persuasion to influence people into revealing information, granting access, or performing actions that benefit an attacker.
Examples
- An attacker sends an urgent email pretending to be IT support and tricks an employee into entering their password on a fake login page.
- A caller poses as a senior executive and pressures a finance worker to transfer money quickly without following normal approval checks.
Discover 🔎
Not every attack begins with code. Many begin with conversation, pressure, trust, urgency, or a believable lie. Instead of breaking a technical control directly, the attacker convinces a person to bypass it, ignore it, or undo it for them.
That is what makes social engineering so powerful. It targets the human part of the system. If a user can be persuaded to click, trust, reveal, approve, or assist, the attacker may not need to defeat the technology in the usual way. The person becomes the path.
Summary 📝
Social engineering is the use of deception and psychological influence to make people help the attacker. It works by exploiting trust, urgency, fear, routine, and normal workplace behavior rather than depending only on technical flaws. Strong defense comes from combining awareness, verification, good process, and technical controls that reduce the impact of human error.