Social Engineering: What It Is and How to Prevent It
Social engineering is the manipulation of people — rather than software — into handing over confidential information, credentials, or access. Instead of breaking a system, the attacker convinces a person to open the door for them.
It works because it targets judgment, not code. No firewall asks an employee to slow down and double-check who is really on the other end of a video call. That gap is exactly what these attacks exploit, and in 2026 the tooling behind them has changed dramatically.
This post covers three things: what social engineering is and why it works, the classic playbook every security team should recognize, and what AI and deepfakes have changed about the threat — followed by how to actually defend against it.
What is social engineering?
Social engineering is a set of techniques that trick people into giving up information or access through deception, persuasion, or pressure — usually so the attacker can steal data, money, or a foothold inside a network. Where a technical exploit attacks a flaw in software, social engineering attacks a flaw in human reasoning.
It works because every variant pulls the same three levers: imitation, intimidation, and manipulation. The attacker impersonates someone you trust (a colleague, IT support, a supplier), applies pressure (a deadline, a threat, an authority figure), and steers the target toward an action they would normally question.
The reason those levers work is emotional. The most effective social engineers create urgency, fear, curiosity, or a desire to be helpful — states that crowd out careful judgment. A message that says “this invoice is overdue and the client is furious” is designed to make you act before you think. Trust and routine do the rest: people want to help colleagues, follow instructions from leadership, and clear their inbox quickly.
The payoff for the attacker is varied. Credentials and financial data get resold or reused; access to internal systems sets up ransomware, fraud, or data theft; and a single convincing request can move money directly out the door. The common thread is always the same — the human is the target, and the technology is just the delivery mechanism.

The classic playbook
Most social engineering still runs on a handful of well-worn techniques. Recognizing them by name is the first step to spotting them in the wild:
- Phishing: A mass email or message impersonating a legitimate business to trick recipients into revealing credentials, clicking a malicious link, or opening a weaponized attachment.
- Spear phishing: Phishing aimed at a specific person or team, using details about them (role, projects, colleagues) to make the lure far more convincing.
- Whaling / CEO fraud: Spear phishing that targets — or impersonates — a senior executive, typically to authorize a payment or extract sensitive data on the strength of their authority.
- Vishing (voice phishing): A phone call that uses a fabricated identity and urgency to pull information or actions out of the target, such as a fake “IT support” or “bank fraud team” call.
- Smishing (SMS phishing): The same playbook over text message — a fake delivery notice, account alert, or bank warning with a malicious link.
- Baiting: Leaving malware-loaded media (a USB drive, a “free” download) where a curious target will pick it up and plug it in.
- Tailgating / piggybacking: Following an authorized person through a secure door to gain physical access without credentials.
- Pretexting: Inventing a believable backstory — a new vendor, an auditor, a transferred employee — to justify the request and lower the target’s guard.
- Quid pro quo: Offering something (tech help, a gift, a reward) in exchange for information or access.
- Watering hole: Compromising a website the target group is known to visit, then using it to deliver malware or harvest data.
- Dumpster diving: Sifting through discarded documents, drives, or notes for credentials, internal names, and other reusable details.
Each of these exploits a lack of verification more than a lack of intelligence. The targets are usually competent people doing their jobs quickly, which is precisely why awareness on its own is never enough.

What’s changed: the AI and deepfake era
The techniques above are decades old. What changed is the cost and quality of executing them. Generative AI has removed the two things that used to limit social engineering: the effort of crafting a convincing lure, and the difficulty of impersonating a specific human.
Deepfake video calls. The clearest example is the 2024 attack on the UK engineering firm Arup. A finance employee in its Hong Kong office joined a video conference with what appeared to be the company’s chief financial officer and several colleagues — and transferred roughly HK$200 million (about US$25 million) across 15 transactions. Every other participant on that call was a deepfake; the employee was the only real person in the meeting. It is the textbook case for why “I saw and heard them on video” is no longer proof of identity.
AI voice cloning (vishing 2.0). A few seconds of audio — from a conference talk, a podcast, or a voicemail greeting — is now enough to clone a person’s voice. Attackers use it to leave urgent “callback” voicemails or to impersonate an executive demanding an immediate wire, with a familiar voice doing the persuading.
LLM-generated phishing at scale. Large language models write fluent, well-targeted phishing in any language, instantly and in volume. By 2025, KnowBe4 reported that 82.6% of the phishing emails it analyzed showed some use of AI (KnowBe4, March 2025). The practical consequence: the old advice to “look for spelling and grammar mistakes” is now actively misleading. The FBI warns that AI-generated phishing arrives with proper grammar and spelling, so poor writing is no longer a reliable tell (FBI, May 2024).
AI-accelerated reconnaissance. Pretexting used to require hours of manual OSINT. AI now compiles a target’s role, colleagues, recent projects, and writing style from public sources in minutes, so the pretext arrives pre-loaded with the specific details that make it believable.
Callback and fake-support scams. Increasingly the email or text contains no malicious link at all — just a phone number and a reason to call it (“confirm this $499 charge”). Routing the victim to a live operator (or an AI voice) sidesteps email security entirely and moves the attack to a channel with far fewer controls.
The pattern across all of these is the same: AI hasn’t invented new attacks, it has made the existing ones cheaper, faster, more personalized, and much harder to spot by eye.
How to defend
A messy list of seventeen tips doesn’t help anyone. Effective defense against social engineering rests on three layers — people, process, and technology — and the modern AI threats specifically demand that the process layer carry more of the weight than it used to.
People. Train staff to recognize the levers (urgency, authority, fear, helpfulness) rather than memorizing a list of “signs,” because the signs keep changing. Build a culture where pausing to verify an unusual request is rewarded, not treated as an insult to the person making it. The goal is healthy suspicion of any unexpected request for money, credentials, or access — even one that looks and sounds completely legitimate. For why awareness training alone is not a silver bullet, see our take on security awareness training and what it can and can’t do.
Process. This is the direct counter to deepfake-CFO fraud, and it is where most organizations are weakest:
- Out-of-band verification. Any unexpected request to move money, change payment details, or hand over access gets confirmed through a separate, pre-known channel — call the person back on their known number, not the one in the message.
- Payment-approval workflows. Require dual authorization for wire transfers and any change to vendor bank details, with no exception for “the CEO said it’s urgent.” Urgency is the attacker’s tool, not a reason to skip the step.
- Codeword and callback protocols. For high-value or unusual requests, agree in advance on a verification step that a deepfake on a video call cannot satisfy: a shared codeword exchanged in person and never sent over the channel the request arrived on, so an attacker who has cloned the face and voice still cannot produce it.
- Treat unexpected urgent requests as red flags on every channel — including video. A face and voice you recognize on a call is no longer proof of who you are talking to.
Technology. Controls won’t stop a determined social engineer on their own, but they remove the easy wins and raise the cost of every attempt:
- Phishing-resistant MFA (FIDO2 / hardware security keys). A FIDO2 credential is bound to the site's origin: the browser will not let a lookalike domain request a signature for the real site, and the signed assertion cannot be replayed anywhere else. That defeats the adversary-in-the-middle phishing kits that relay one-time codes and push prompts to the real site in real time. SMS codes and push approvals are still better than a bare password, but they are exactly what those kits are built to capture, and push prompts invite "MFA fatigue" attacks. With a security key, a stolen password alone buys the attacker nothing.
- Email authentication and gateways. Publish SPF and DKIM for every domain you send from and enforce DMARC with p=quarantine or p=reject (p=none only reports and blocks nothing), so mail that forges your exact domain is dropped before a human sees it; run inbound mail through a filtering gateway that strips known phishing and malware before it reaches an inbox. The caveat: DMARC protects only the domains you own. Lookalike domains, mail from a compromised partner mailbox, and link-free callback lures pass it cleanly, which is why the process layer still has to carry the weight.
- Spam and link filtering. Reduce the volume of lures that ever reach a human, so the people layer has fewer chances to fail.
- Patching and least privilege. Keep systems current and limit what any single compromised account can reach, so a successful phish doesn’t become a full breach.
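Why a security key resists the relay attack that beats one-time codes is easiest to see in the ceremony itself. The following is an added example, not BSG's code or any vendor's library: a minimal model of a WebAuthn assertion with the three parties (security key, browser, relying party) and the relying-party checks the spec requires. All domains, keys and challenges are constructed for the demo, and HMAC-SHA256 stands in for the authenticator's ECDSA signature so that the script runs on the standard library alone; the checks themselves (challenge, origin, rpIdHash, user-presence flag, counter, and the exact bytes that are signed) are the real ones.

```python
# Added example (not BSG's code): a model of the WebAuthn assertion ceremony and the
# relying-party checks that make FIDO2 phishing-resistant. Constructed data throughout;
# HMAC-SHA256 stands in for the authenticator's ECDSA signature.
import base64
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass
from urllib.parse import urlparse


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


class Authenticator:
    """Security key. Holds the credential secret; never sees the web page."""
    def __init__(self):
        self.key = secrets.token_bytes(32)  # stand-in for the credential private key
        self.counter = 0

    def get_assertion(self, rp_id: str, client_data_json: bytes):
        self.counter += 1
        flags = 0x01  # UP bit: the user touched the key
        auth_data = hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + self.counter.to_bytes(4, "big")
        signed = auth_data + hashlib.sha256(client_data_json).digest()  # exactly what WebAuthn signs
        return auth_data, hmac.new(self.key, signed, "sha256").digest()


def browser_get(origin: str, rp_id: str, challenge: bytes, auth: Authenticator) -> dict:
    """Browser side. The browser, not the page, writes the real origin into clientDataJSON."""
    host = urlparse(origin).hostname
    if not (host == rp_id or host.endswith("." + rp_id)):  # rpId must be the host or a parent of it
        raise PermissionError(f"rpId {rp_id!r} is not valid for origin {origin!r}")
    client_data = json.dumps({"type": "webauthn.get", "challenge": b64url(challenge), "origin": origin}).encode()
    auth_data, sig = auth.get_assertion(rp_id, client_data)
    return {"clientDataJSON": client_data, "authenticatorData": auth_data, "signature": sig}


@dataclass
class Credential:
    key: bytes       # registered at enrolment (would be the public key with a real signature)
    counter: int = 0


def rp_verify(cred: Credential, rp_id: str, expected_origin: str, challenge: bytes, resp: dict) -> str:
    """Relying-party checks; returns 'accept' or the reason for rejection."""
    cd = json.loads(resp["clientDataJSON"])
    if cd.get("type") != "webauthn.get":
        return "reject: wrong ceremony type"
    if cd.get("challenge") != b64url(challenge):
        return "reject: challenge mismatch (replay or stale login)"
    if cd.get("origin") != expected_origin:
        return f"reject: origin {cd.get('origin')} is not {expected_origin}"
    auth_data = resp["authenticatorData"]
    if auth_data[:32] != hashlib.sha256(rp_id.encode()).digest():
        return "reject: rpIdHash mismatch"
    if not auth_data[32] & 0x01:
        return "reject: user presence not asserted"
    counter = int.from_bytes(auth_data[33:37], "big")
    if counter <= cred.counter:
        return "reject: signature counter did not increase (cloned key?)"
    signed = auth_data + hashlib.sha256(resp["clientDataJSON"]).digest()
    if not hmac.compare_digest(hmac.new(cred.key, signed, "sha256").digest(), resp["signature"]):
        return "reject: bad signature"
    cred.counter = counter
    return "accept"


def run_scenarios() -> dict:
    rp_id, real, lookalike = "bank.example", "https://bank.example", "https://bank-example.com"
    auth = Authenticator()
    cred = Credential(key=auth.key)
    out = {}
    # 1. Genuine login at the real origin.
    ch = secrets.token_bytes(32)
    genuine = browser_get(real, rp_id, ch, auth)
    out["genuine"] = rp_verify(cred, rp_id, real, ch, genuine)
    # 2. Replaying that assertion against a fresh challenge.
    out["replay"] = rp_verify(cred, rp_id, real, secrets.token_bytes(32), genuine)
    # 3. AitM proxy on the lookalike relays the real challenge and asks for the real rpId.
    ch = secrets.token_bytes(32)
    try:
        browser_get(lookalike, rp_id, ch, auth)
        out["aitm_real_rpid"] = "browser allowed it"
    except PermissionError as e:
        out["aitm_real_rpid"] = f"browser refused: {e}"
    # 4. Proxy asks for its own rpId instead; the key signs, but origin (and rpIdHash) fail at the RP.
    resp = browser_get(lookalike, "bank-example.com", ch, auth)
    out["aitm_own_rpid"] = rp_verify(cred, rp_id, real, ch, resp)
    # 5. Proxy rewrites clientDataJSON and rpIdHash to look genuine: the signature no longer matches.
    forged = dict(resp)
    forged["clientDataJSON"] = json.dumps({"type": "webauthn.get", "challenge": b64url(ch), "origin": real}).encode()
    forged["authenticatorData"] = hashlib.sha256(rp_id.encode()).digest() + resp["authenticatorData"][32:]
    out["forged"] = rp_verify(cred, rp_id, real, ch, forged)
    return out


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:15} {verdict}")
```

The point the scenarios make: the proxy never gets a usable assertion. Either the browser refuses to sign for the real site's rpId from a lookalike origin, or the key signs for the lookalike and the relying party rejects the origin, and anything the proxy edits afterwards breaks the signature. A relayed SMS code or push approval carries none of that binding, which is the whole difference.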
No single layer is sufficient. People miss things, process gets bypassed under pressure, and technology has gaps — defense in depth means an attacker has to beat all three.
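To make the email-authentication bullet concrete, here is how a receiving mail server turns SPF, DKIM and a published DMARC record into a disposition, and where that stops helping. This is an added example, not BSG's code or any mail server's implementation: the DNS records, domains and authentication results are constructed, the organisational-domain logic is simplified to the last two labels (real implementations use the Public Suffix List), and the function covers only the alignment and policy evaluation described in RFC 7489, not the SPF and DKIM checks themselves.

```python
# Added example (not BSG's code): DMARC alignment and policy evaluation over constructed
# authentication results. Shows exact-domain forgery being rejected, a p=none domain
# being merely reported, and an attacker-owned lookalike domain passing every check.
from dataclasses import dataclass

# Constructed stand-in for DNS TXT lookups at _dmarc.<domain>.
DMARC_RECORDS = {
    "example.com": "v=DMARC1; p=reject; sp=quarantine; adkim=s; aspf=r; rua=mailto:dmarc@example.com",
    "weak.example": "v=DMARC1; p=none; rua=mailto:dmarc@weak.example",
    "examp1e.com": "v=DMARC1; p=reject",  # lookalike registered by the attacker
}


def parse_dmarc(record: str) -> dict:
    """Parse 'tag=value; ...' into a dict with the RFC 7489 defaults for alignment modes."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    if tags.get("v") != "dmarc1" or tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError(f"invalid DMARC record: {record!r}")
    tags.setdefault("adkim", "r")  # relaxed unless the owner says strict
    tags.setdefault("aspf", "r")
    return tags


def org_domain(domain: str) -> str:
    # Simplified: last two labels. Production code uses the Public Suffix List (co.uk, etc.).
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


@dataclass
class AuthResults:
    from_domain: str   # domain of the RFC5322.From header, the sender the user sees
    spf: str           # SPF result for the envelope MAIL FROM domain
    spf_domain: str    # the envelope MAIL FROM domain SPF was evaluated against
    dkim: str          # result of verifying the DKIM-Signature
    dkim_domain: str   # d= tag of the DKIM-Signature, empty if unsigned


def dmarc_disposition(r: AuthResults, dns: dict = DMARC_RECORDS) -> str:
    """Return 'pass', 'no-policy', or the owner's requested action: 'none', 'quarantine', 'reject'."""
    from_domain = r.from_domain.lower()
    record, at_org_level = dns.get(from_domain), False
    if record is None:
        record = dns.get(org_domain(from_domain))
        at_org_level = record is not None
    if record is None:
        return "no-policy"
    policy = parse_dmarc(record)
    spf_ok = r.spf == "pass" and is_aligned(from_domain, r.spf_domain, policy["aspf"])
    dkim_ok = r.dkim == "pass" and is_aligned(from_domain, r.dkim_domain, policy["adkim"])
    if spf_ok or dkim_ok:
        return "pass"
    if at_org_level:  # subdomain with no record of its own: sp= applies, falling back to p=
        return policy.get("sp", policy["p"])
    return policy["p"]


# Constructed authentication results for five messages.
CASES = {
    "legitimate": AuthResults("example.com", "pass", "bounce.example.com", "pass", "example.com"),
    "spoofed_from": AuthResults("example.com", "pass", "attacker-mail.net", "none", ""),
    "spoofed_weak_domain": AuthResults("weak.example", "pass", "attacker-mail.net", "none", ""),
    "spoofed_subdomain": AuthResults("hr.example.com", "fail", "hr.example.com", "none", ""),
    "lookalike_domain": AuthResults("examp1e.com", "pass", "examp1e.com", "pass", "examp1e.com"),
}


def evaluate_all(cases: dict = CASES) -> dict:
    return {name: dmarc_disposition(r) for name, r in cases.items()}


if __name__ == "__main__":
    for name, verdict in evaluate_all().items():
        print(f"{name:20} -> {verdict}")
```

Read the last two cases together. The forged hr.example.com mail is quarantined only because the owner published sp=quarantine; and examp1e.com passes because the attacker owns it, signs it and publishes a record for it. DMARC decides whether a message is allowed to claim your domain, nothing more; spotting the substituted character is still a job for the reader or a lookalike-domain monitor.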

It is also worth remembering that social engineering is not only an online problem — it happens in person, too. An attacker may tailgate through a door, pose as a contractor, or simply exploit staff being too polite to challenge a stranger in the building. The same verification discipline applies in the lobby as in the inbox.
How BSG tests this
The only reliable way to know whether your people and processes hold up is to test them under realistic conditions — before a real attacker does.
BSG runs controlled social engineering penetration testing: phishing and vishing simulations, pretexting against your staff and processes, and authorized physical intrusion attempts. We don't just count who clicked. We map where verification broke down, which process gaps let a fabricated request through, and how far an attacker could have escalated, then hand you prioritized findings you can act on. The point isn't to embarrass anyone; it's to find the weak points while it's still a simulation, and to see whether your people and payment-approval processes would hold up against a modern, AI-assisted attacker.
Explore social engineering testing →