Ok, so what is social engineering? Social engineering is a special kind of cyberattack where the attacker doesn’t have to gain access to your systems first. Instead, they pretend to be someone trustworthy in your organization and just ask employees for the information they need to hurt you. They can spoof email or gain access to the phone systems, but at the end of the day the attack vector is not through technology, but through people. Great, so how do you stop them? The short answer is education. The longer answer is below.