1. What is social engineering?

A well-designed network can make it almost impossible to directly attack the hardware of a system. But even the most secure network is made vulnerable when it is used by real live people.

People make mistakes; they can be tricked, fooled, bribed, or threatened.

All of these threats to a network are labeled together as 'social attacks' or 'social engineering'.

It is difficult to generalise social attacks because there are so many ways an attacker can convince a user to compromise security either willingly or unwillingly.

What social attacks all have in common, though, is that they target people rather than hardware or software.

Social engineering: Manipulating or tricking people so that they give away confidential information