Social engineering attacks typically involve some form of psychological manipulation, fooling otherwise unsuspecting users into handing over confidential or sensitive data.

​

Commonly, social engineering involves email or other communication that invokes urgency, fear, or similar emotions in the victim, leading the victim to promptly reveal sensitive information, click a malicious link, or open a malicious file. Because social engineering involves a human element, preventing these attacks can be tricky.

​

What does social engineering look like? It could look like an email that has been designed to seem like it is from a credible organization, like your message service or Fed Ex or even your bank.

​

But if you open it and click on that attachment, you could be installing malware or ransomware. Or, it could be disguised to look like it comes from someone inside your school or place of business (like an unusual title such as IT@yourorganization – someone whom you trust). But if you respond to that email with your user name and password, your computer is easily compromised.