In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in the sense that it is often one of the many steps in a more complex fraud scheme.[1] It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests."[2]
Research done in 2020 has indicated that social engineering will be one of the most prominent challenges of the upcoming decade. Having proficiency in social engineering will be increasingly important for organizations and countries, due to the impact on geopolitics as well. Social engineering raises the question of whether our decisions will be accurately informed if our primary information is engineered and biased.[3]
Social engineering attacks have been increasing in intensity and number, cementing the need for novel detection techniques and cyber security educational programs.[4]