Social Engineering is a widely used technique in order to gain access to someones personal information such as passwords, social security numbers an much more sensitive information. Attackers feed on our basic human instincts in an attempt to gain trust and slowly access our systems and information. There are several forms of social engineering.
One of the most common forms of social engineering is phishing. This is where the attacker attempts to send employees fraudulent emails that appear to be coming from legitimate places. All it takes is one simple click on a link and your system is compromised.
Shoulder surfing is simply an observer watching as you enter sensitive information such as your password.
Baiting is another form of enticement. The attacker lures you into putting in sensitive data by offering something for free.