Social Engineering

A technique that exploits human psychology and mistakes to steal sensitive information such as passwords.

In Simple Terms

Social Engineering is an attack method that exploits human psychological weaknesses and mistakes to extract or steal valuable information. A classic example is impersonating a system administrator over the phone and using persuasive language to get someone to reveal their password. Searching through discarded documents or shoulder surfing — peeking at someone's screen — are also recognized techniques. A defining characteristic is that people, not computers, are the target.

Behind the Name

The name reflects the method: "Social" points to the human side — relationships and everyday interactions — while "Engineering" captures the idea of applying those as a kind of technique. Instead of exploiting computer systems, it uses the way people naturally trust and communicate as the attack surface. Think of it as hacking the gaps in human psychology rather than in code.

Take a Closer Look!

Social Engineering refers to techniques that exploit human psychological lapses rather than technical flaws in computer systems. No matter how strong a network's defenses become, if even one person is deceived, information can leak with ease — making it a serious security threat.

Common tactics include impersonation: calling while posing as an executive or IT staff member, then using persuasive language to extract passwords. Analog methods are equally widespread — shoulder surfing (watching someone type from behind) and dumpster diving (retrieving discarded documents to gather information) require no technical skill whatsoever.

Put simply, the goal is to cloud someone's judgment: feigning helplessness to gain sympathy, or manufacturing urgency to rush someone into acting without thinking. Phishing — luring victims to convincing fake sites via email — exploits the same psychological mechanisms. Because no specialized knowledge is required to carry out these attacks, individual awareness and vigilance are the most critical line of defense.

Category: Security