Social engineering refers to a set of methods that attackers use to manipulate people with the aim of obtaining confidential information or access to systems.
Instead of exploiting vulnerabilities in software or hardware, social engineering focuses on exploiting human weaknesses, such as trust, fear or curiosity. For example, an attacker could make a phone call posing as a support technician to persuade an employee to reveal her password.
With the rise of social media, social engineering has become even more powerful, as attackers can collect large amounts of personal information and use it to design more convincing and personalized attacks. The most effective defense against social engineering is user education and awareness of common tactics and the importance of verification.