What Is Social Engineering?

Written by Coursera Staff • Updated on

Social engineering presents a cybersecurity threat to individuals and businesses. Learn what’s involved and how identifying different types of social engineering can help keep your data safe.

[Featured image] Two cybersecurity analysts are learning about social engineering.

Social engineering is a manipulation technique that deceives individuals or groups to exploit or gain unauthorized access to sensitive information or resources. Since most humans like to help, this cyberattack targets human vulnerabilities rather than technical vulnerabilities by using psychological tactics to exploit our curiosity or impulse to trust.

Falling victim to social engineering could lead to unauthorized access to personal, financial, or organizational data; identity theft; financial loss; or compromised network security. 

What is the best defense against social engineering attacks?

To combat social engineering, question suspicious or unsolicited emails, calls, or visits. Be skeptical before providing personal, sensitive, or proprietary data. Educate yourself about security awareness. If they’re using an urgent or emotional appeal, think twice. Install strong security protocols such as two-factor or multi-factor authentication to make it more difficult for social engineers to get into your accounts with their illicitly gained information. 

Placeholder
Placeholder

professional certificate

IBM IT Support

Prepare for a career as an IT support specialist. Gain the in-demand skills and hands-on experience to get job-ready in as little as 3 months. No prior experience required.

4.8

(2,011 ratings)

46,042 already enrolled

Beginner level

Average time: 3 month(s)

Learn at your own pace

Skills you'll build:

Technical Support, Customer Service, Cloud, Troubleshooting, IT Fundamentals, Software Application Development, Computer Programming, Software Development Process, Database basics, Wireless Networks, Network Troubleshooting, Network Architecture, Cloud Storage, Networking Hardware, Cybersecurity, Cryptography, Cyberattacks, Information Security (INFOSEC), Application Security, Cloud Computing, Hybrid Multicloud, Devops, Iaas PaaS Saas, Cloud Native, Operating Systems, hardware, Information Technology (IT) Support, Ticketing Systems, Service Level Agreements (SLA), Certification Test, CompTIA ITF+, Exam Practice

What are some of the most common social engineering techniques?

Almost every type of cybersecurity attack has some traits of social engineering, here are some common methods that attackers use:

  • Phishing: Attackers send deceptive emails or messages designed to persuade you to click on a link, download a malicious file, or provide sensitive data.

  • Smishing: Bad actors use messaging, such as texting or WhatsApp, to get you to send payments, download attachments, or provide personal information.

  • Spoofing: Cybercriminals create websites that look like they belong to legitimate organizations to trick you into revealing sensitive information. 

  • Baiting: This involves leaving physical or digital devices, such as infected USB drives, in strategic locations to tempt individuals into using them. You’re trying to help and get that device back to its rightful owner but you unknowingly grant access or compromise your systems.

  • Pretexting: An attacker takes on an alternative persona to entice you to disclose data or your access credentials. Often they will appear to be authority figures, such as the IRS or a business supervisor.

  • Tailgating: Someone gains unauthorized entry to a restricted area in a physical location, such as a building, by following closely behind a person who is allowed to enter. The individual might appear as a repair person, or they might come up with their hands full of balloons and a cake and ask you to hold the door open for them.

  • Quid pro quo: This involves offering something of value, such as a gift or service, in exchange for personal information or access to systems. When you see something that’s too good to be true—say free Apple products—don’t fall for this type of social engineering. Someone offering your IT support in return for your access information is another common version of quid pro quo.

Learn how to fight social engineering scams on Coursera 

Take the next step toward a career in cybersecurity by enrolling in the  Google Cybersecurity Professional Certificate on Coursera. This Professional Certificate is your gateway to exploring job titles like security analyst SOC (security operations center) analyst, and more. Upon completion, you’ll have exclusive access to a job platform with over 150 employees hiring for entry-level cybersecurity roles and other resources supporting your job search.

Placeholder

professional certificate

IBM IT Support

Prepare for a career as an IT support specialist. Gain the in-demand skills and hands-on experience to get job-ready in as little as 3 months. No prior experience required.

4.8

(2,011 ratings)

46,042 already enrolled

Beginner level

Average time: 3 month(s)

Learn at your own pace

Skills you'll build:

Technical Support, Customer Service, Cloud, Troubleshooting, IT Fundamentals, Software Application Development, Computer Programming, Software Development Process, Database basics, Wireless Networks, Network Troubleshooting, Network Architecture, Cloud Storage, Networking Hardware, Cybersecurity, Cryptography, Cyberattacks, Information Security (INFOSEC), Application Security, Cloud Computing, Hybrid Multicloud, Devops, Iaas PaaS Saas, Cloud Native, Operating Systems, hardware, Information Technology (IT) Support, Ticketing Systems, Service Level Agreements (SLA), Certification Test, CompTIA ITF+, Exam Practice

Updated on
Written by:
Coursera Staff

Editorial Team

Coursera’s editorial team is comprised of highly experienced professional editors, writers, and fact...

This content has been made available for informational purposes only. Learners are advised to conduct additional research to ensure that courses and other credentials pursued meet their personal, professional, and financial goals.

Whether you're starting your career or trying to advance to the next level, experts at Google are here to help.

Save money and learn in-demand skills from top companies and organizations.