Social engineers use psychological manipulation to trick human beings into divulging sensitive information that can then be used to break into systems. SE scams also prompt people to take an action (like click on a bad link) that can infect a machine and allow a criminal to get in and start stealing data.
These attacks can take place human to human. ("Hello, this is IT. Your computer is infected and I need your password.") Or through email and social media, for example a phishing email that informs you your PayPal account is suspended.
But there are certain intrinsic qualities most humans possess that social engineers exploit in order to pull off their attacks. And knowing how they do it might help us better guard against exploits. Dark Reading spoke to social engineering experts for a breakdown of these traits – and what happens when an SE finds a way to "break in" to human beings.