Offensive Cybersecurity FAQs

Social engineering is the manipulation of human beings to obtain confidential or otherwise private information that a person would not otherwise divulge. An example of social engineering would be an email urging users to click a link to confirm their recent purchase. When users click on the link, it takes them to a spoofed web page that mimics a popular shopping website, and when entering their login credentials, hackers capture the data.

Financial services, healthcare, and supply chain companies are some of the most highly targeted industries due to access to personal and financial records.

Users remain the weak link in the chain of defense within most mature organizations, making social engineering attacks highly successful and lucrative for cybercriminals.

Social engineering testing lets organizations know how well their current protections are working and what areas of employee awareness training need improvement.

Social engineering pretexting is when an attacker or cyber-criminal tries to convince you to expose sensitive or valuable information or gain access to a service or system. Pretexting is when the attacker makes up a story to fool you, the victim.