Social engineering presents a cybersecurity threat to individuals and businesses. Learn what’s involved and how identifying different types of social engineering can help keep your data safe.
Social engineering is a manipulation technique that deceives individuals or groups to exploit or gain unauthorized access to sensitive information or resources. Since most humans like to help, this cyberattack targets human vulnerabilities rather than technical vulnerabilities by using psychological tactics to exploit our curiosity or impulse to trust.
Falling victim to social engineering could lead to unauthorized access to personal, financial, or organizational data; identity theft; financial loss; or compromised network security.
To combat social engineering, question suspicious or unsolicited emails, calls, or visits. Be skeptical before providing personal, sensitive, or proprietary data. Educate yourself about security awareness. If they’re using an urgent or emotional appeal, think twice. Install strong security protocols such as two-factor or multi-factor authentication to make it more difficult for social engineers to get into your accounts with their illicitly gained information.
professional certificate
Get on the fast track to a career in cybersecurity. In this certificate program, you'll learn in-demand skills, and get AI training from Google experts. Learn at your own pace, no degree or experience required.
4.8
(39,371 ratings)
843,463 already enrolled
Beginner level
Average time: 6 month(s)
Learn at your own pace
Skills you'll build:
Python Programming, Security Information and Event Management (SIEM) tools, SQL, Linux, Intrusion Detection Systems (IDS), Packet Analyzer, Security Hardening, Network Security, Transmission Control Protocol / Internet Protocol (TCP/IP), Network Architecture, Cloud Networks, escalation, resume and portfolio preparation, stakeholder communication, Job preparedness, integrity and discretion, Cybersecurity, Information Security (INFOSEC), Ethics in cybersecurity, NIST Cybersecurity Framework (CSF), Historical Attacks, Computer Programming, Coding, PEP 8 style guide, NIST Risk Management Framework (RMF), Security Audits, Incident Response Playbooks, Authentication, vulnerability assessment, Cryptography, asset classification, threat analysis, Command line interface (CLI), Bash
Almost every type of cybersecurity attack has some traits of social engineering, here are some common methods that attackers use:
Phishing: Attackers send deceptive emails or messages designed to persuade you to click on a link, download a malicious file, or provide sensitive data.
Smishing: Bad actors use messaging, such as texting or WhatsApp, to get you to send payments, download attachments, or provide personal information.
Spoofing: Cybercriminals create websites that look like they belong to legitimate organizations to trick you into revealing sensitive information.
Baiting: This involves leaving physical or digital devices, such as infected USB drives, in strategic locations to tempt individuals into using them. You’re trying to help and get that device back to its rightful owner but you unknowingly grant access or compromise your systems.
Pretexting: An attacker takes on an alternative persona to entice you to disclose data or your access credentials. Often they will appear to be authority figures, such as the IRS or a business supervisor.
Tailgating: Someone gains unauthorized entry to a restricted area in a physical location, such as a building, by following closely behind a person who is allowed to enter. The individual might appear as a repair person, or they might come up with their hands full of balloons and a cake and ask you to hold the door open for them.
Quid pro quo: This involves offering something of value, such as a gift or service, in exchange for personal information or access to systems. When you see something that’s too good to be true—say free Apple products—don’t fall for this type of social engineering. Someone offering your IT support in return for your access information is another common version of quid pro quo.
Take the next step toward a career in cybersecurity by enrolling in the Google Cybersecurity Professional Certificate on Coursera. This Professional Certificate is your gateway to exploring job titles like security analyst SOC (security operations center) analyst, and more. Upon completion, you’ll have exclusive access to a job platform with over 150 employees hiring for entry-level cybersecurity roles and other resources supporting your job search.
professional certificate
Get on the fast track to a career in cybersecurity. In this certificate program, you'll learn in-demand skills, and get AI training from Google experts. Learn at your own pace, no degree or experience required.
4.8
(39,371 ratings)
843,463 already enrolled
Beginner level
Average time: 6 month(s)
Learn at your own pace
Skills you'll build:
Python Programming, Security Information and Event Management (SIEM) tools, SQL, Linux, Intrusion Detection Systems (IDS), Packet Analyzer, Security Hardening, Network Security, Transmission Control Protocol / Internet Protocol (TCP/IP), Network Architecture, Cloud Networks, escalation, resume and portfolio preparation, stakeholder communication, Job preparedness, integrity and discretion, Cybersecurity, Information Security (INFOSEC), Ethics in cybersecurity, NIST Cybersecurity Framework (CSF), Historical Attacks, Computer Programming, Coding, PEP 8 style guide, NIST Risk Management Framework (RMF), Security Audits, Incident Response Playbooks, Authentication, vulnerability assessment, Cryptography, asset classification, threat analysis, Command line interface (CLI), Bash
Editorial Team
Coursera’s editorial team is comprised of highly experienced professional editors, writers, and fact...
This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.
Whether you're starting your career or trying to advance to the next level, experts at Google are here to help.
Save money and learn in-demand skills from top companies and organizations at your own pace.