What is social engineering in cybersecurity?
D2 ยท Threats ยท CompTIA Security+ SY0-701Social engineering is manipulating people psychologically to reveal confidential information or take insecure actions. It exploits human trust, fear, urgency, and authority rather than technical vulnerabilities.
Key techniques: phishing, pretexting (fabricating a scenario), baiting (USB drop), tailgating / piggybacking (physical access), quid pro quo (offer something in exchange).
Key techniques: phishing, pretexting (fabricating a scenario), baiting (USB drop), tailgating / piggybacking (physical access), quid pro quo (offer something in exchange).
Social engineering is the #1 attack vector in real-world breaches. On the exam, if a question involves a person being tricked โ it's social engineering, not a technical exploit.