What is Social Engineering?

Social engineering is a tactic used by threat actors to manipulate people into giving up sensitive information or access. Instead of attacking systems directly, social engineers exploit human psychology—often using urgency, fear, or trust to get what they want.

This technique is common because it works. Even the most secure technical systems can be compromised by a simple phone call or convincing email.

Common Social Engineering Tactics

* Creating a sense of urgency

* Impersonating a trusted source

* Using threats or intimidation

Social Engineering Examples

1. Bob gets a call from “Sarah in IT” asking for his password to apply urgent updates.

2. Alice receives an email from her company’s VP asking for a $1 million wire transfer “on behalf of the president.”

3. John gets a phone call from someone claiming to be his bank, requesting account details to “prevent closure.”

How to Protect Yourself

* Never share your password. Legitimate organizations won’t ask. 

* Verify requests independently. Call back using a known number.

* Pause and think. Emotional manipulation is a red flag.

Final Thoughts

Social engineering bypasses firewalls by targeting people instead of systems. That’s why technical defenses alone aren’t enough; awareness and caution are key. By learning to recognize the signs and taking a moment to verify, you can stop these attacks before they succeed.