Social Engineering is the process of manipulating another person or group of people to divulge information or perform actions relevant to a systems security.
In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests."An example of social engineering is an attacker calling a help desk, impersonating someone else, and claiming to have forgotten their password. If the help desk worker resets the password, it grants the attacker full access to the account.