Social engineering is a set of techniques used to manipulate people to obtain confidential information or induce them to perform unwanted actions. It stands out as a recurring tool in cyberattacks, and its effectiveness is remarkable, as it is capable of bypassing even people with a high level of awareness about security. 

Social engineering crimes not only compromise data security but also trigger a series of other impacts. By gaining access to confidential information, criminals can use it to commit numerous violations, such as financial fraud, identity theft, or even access private systems or networks.

Some examples of the impacts of social engineering on data security.

• Phishing: Phishing is a type of social engineering that involves sending fraudulent emails or text messages that appear to be from a trusted source. The emails typically ask victims to provide confidential information, such as passwords or credit card numbers. Example of a fake invoice email: Phishing emails containing fake invoices often resemble legitimate invoices from well-known companies. Furthermore, they may include threats to suspend accounts or services if the "invoice" is not paid immediately. The goal of these emails is to trick victims into clicking a link that directs them to a fake website that looks like the legitimate company's website. Once on the fake site, victims are then asked to provide confidential information.
  
  
• Pretexting: Pretexting is a type of scam in which a pretext is used to coerce the user into revealing personal or confidential information. In other words, the cybercriminal invents a false situation to steal information that can be used in serious crimes such as identity theft and fraud. Example: A cybercriminal might impersonate a government employee and call the user to request personal information, such as a Social Security number or bank account number. 

• Whaling: A specific type of phishing attack. It works like a whale hunting attack and targets high-profile employees, such as the CFO or CEO. The goal is to trick the employee into divulging confidential information.

How to protect yourself from this technique

Social engineers skillfully exploit human emotions, such as curiosity and fear, to manipulate their victims. Therefore, it is crucial to maintain constant vigilance when encountering emails or offers that raise alarm.

Being alert can help users avoid attacks that occur in the digital world. 

1. Be wary of tempting offers.;
   
2. Cybersecurity awareness training for employees;
   
3. Do not open suspicious emails and attachments;
   
4. Be cautious when sharing personal information on social media..

In short, people should be aware of social engineering techniques and ways to protect themselves. 

Companies can also protect themselves by taking measures against social engineering. This may include implementing security policies and procedures and using security tools to detect and block attacks.