What is Social Engineering?

1 min read Advanced Security Topics

Social engineering is the psychological manipulation of people into performing actions or divulging confidential information for fraudulent purposes. Unlike traditional hacking that focuses on technical vulnerabilities, social engineering exploits human psychology, trust, and natural helpfulness. It's a confidence trick that relies on human interaction and often involves tricking people into breaking normal security procedures.

The term encompasses a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. What makes social engineering particularly dangerous is that it bypasses technical security controls by targeting the people who use them.

Key Characteristics of Social Engineering:

Exploits human emotions rather than technical vulnerabilities
Often appears legitimate and urgent
Relies on establishing trust or authority
Takes advantage of human tendencies to be helpful
Frequently combines multiple attack vectors
Can target anyone regardless of technical expertise