Sometimes, the most powerful tool is a word. Social engineers know that, and they use that tool to bypass all of the automatic protections and preplanned procedures you have in place. A persuasive lie can get an attacker further than a dozen hacking tricks.
What is social engineering? Social engineering is the “art” of manipulating others in order for them to give up sensitive or confidential information. This can range from passwords, bank information, and more.
Fighting social engineering is all about being skeptical and thinking clearly. Social engineers want you to act quickly and not question what they tell you. They use tactics like sympathy, intimidation, authority and urgency, pressuring their targets to make careless decisions — such as letting them into a restricted area or turning over valuable information.
When you ask questions and treat every request with healthy skepticism, you stop social engineers in their tracks. Ask them: “Can I see some ID?” Or say “I need to verify this with my supervisor.” Refuse to be taken in by a sob story or threats and insist on checking with your boss or the appropriate authorities. The Internet is full of social engineers and opportunists, but all it takes is caution to shut them down.