We define social engineering (SE) as “any act that influences a person to take an action that may or may not be in their best interest.” Although we tend to focus on the malicious forms of SE, it is important to understand the psychological, physiological and technological aspects of influencing a person. The same principles that are used in the positive sense also can be used for the malicious too.
Although it has been given a bad name by the plethora of “free pizza”, “free coffee”, and “how to pick up chicks” sites, aspects of social engineering actually touches on many parts of daily life. Many consider social engineering to be the greatest risk to security.
As you will see reading through this framework, the principles can be used in developing and enhancing communications, relationships and our own understanding of those we interact with.