This small article is a brief overview on social engineering. It talks a bit about the psychology of social engineering, the security threat it imposes and about the methods used for it. Basically, this article is a summary that covers the . . .

This small article is a brief overview on social engineering. It talks a bit about the psychology of social engineering, the security threat it imposes and about the methods used for it. Basically, this article is a summary that covers the important facts (from my point of view) about social engineering.

One of the basic laws of information security is that 'Client-Side Security Doesn't Work', or more precisely, as Scott Culp says: "The basic problem with client-side security is that the person sitting physically in front of the client has absolute control over it", and "If a bad guy has unrestricted physical access to your computer, it's not your computer anymore". Social engineering attack uses the fact that the human part of the security is the most essential. Moreover, there is not a single computer system in the world that does not rely on humans. This is why this security weakness is independent of platform, software, network, firewalls, VPNs etc.