Social Engineering

Overview

Not all attacks target technology directly.

In many cases, attackers target people.

This approach is known as social engineering.

Social engineering is the practice of manipulating individuals into revealing information, granting access, or performing actions that benefit an attacker.

A helpful way to think about social engineering is deception.

Rather than breaking into a system through technical means, the attacker attempts to convince someone to voluntarily provide access or information.

Social engineering may involve emails, phone calls, text messages, social media interactions, or face-to-face communication.

Because people are often a critical part of security, understanding social engineering is an important aspect of cybersecurity and AI literacy.

As AI-generated content becomes more convincing, social engineering attacks may become increasingly sophisticated.

Why It Matters

Social engineering targets human behavior rather than technical vulnerabilities.

Real-World Example

An attacker pretends to be an IT employee and asks a user to reveal their password.

Related Concepts

• Phishing
• Cybersecurity
• Deepfake
• Synthetic Media
• AI Security

Related Articles

• Understanding Deepfakes, AI Transparency, and Digital Trust
• Why AI Security Matters
• Why AI Security Starts With Fundamentals