Skip to main content
Microsoft Security

Is social engineering the biggest threat to your organization?

“Always remember: Amateurs hack systems. Professionals hack people.” –Bruce Schneier, CTO, Counterpane Internet Security, Inc.

All over the globe, social engineering is a dominant and growing threat to organizational security. Since January 2015, the number of social engineering victims identified by the FBI has increased 270 percent, costing businesses more than $2.3 billion.

Social engineering happens when a hacker uses manipulation, influence, or deception to get another person to release information or to perform some sort of action that benefits them. Essentially it just comes down to tricking people into breaking normal security procedures such as divulging a password.

Some common types of social engineering include:

No matter how strong your technical security is, your organization’s people are often the most vulnerable link in the chain. But, with thorough, thoughtful, and regular education, they can also be your biggest asset in your fight against social engineering.

To learn how to implement strong security policies and build a security-aware culture to help protect your organization from social engineering risks, check out the Insider’s Guide to Social Engineering.