Social engineering is the psychological manipulation of someone, with the goal of getting them to do what we want. In this chapter, we will explore how attackers use various types of social engineering to plant malware and steal credentials. We’ll also learn how to stop them.
You’ll need to have read chapter 4 to get the most out of this chapter; social engineering builds on the common attacks we covered there. As we explore social engineering, the focus will be on our personal behavior—how social engineering affects and exploits us—to extend this new understanding (and best practices to combat it) to our employees and colleagues.