Social Engineering

Social engineering is when a potential victim is attacked through their access or through manipulation.  This is when the attacker directly looks for a potential victim to get a password, give away important information, or click fake emails or links to gain access or distribute malware. In other words, they are tareting people instead o trying to hack an organization itself.  A few different examples of social engineering are phishing, smishing, vishing, fake emails, etc. 

Social engineering matters because it is important that people and businesses are aware of this type of cyber attack. It is extremely prominent and one of the simpler ways to be cyber attacked. Even with strong security, someone such as an employee with the access to company networks may cause a liability and lead to passwords leaks, data breaches, financial breaches, and overall may cause the company a lot of damage wether uninteded or not. 

Companies can educate employees on different social engineering techniques that can be used against them. They can create policies or request employees verify with educated managers before sensitive information is sent out. They can limit access to only neccesary information for employees.  

Offering free training and education on preventative actions when they suspect something suspicious is going on is highly beneficial for a business as it can strengthen defense against scammers and attackers. Overall, this will help protect scams, security breaches, lawsuits, etc.