Social engineering
The easiest thing to exploit in any enterprise is the people working in the enterprise. The reason is because we, as human beings, are naturally trusting and want to think that there are, in general, no ill intentions when another human being interacts with us. This is the very weakness that makes us humans susceptible to social engineering; the act of getting an individual to take an action or provide information for the purposes of unauthorized access or to gain private information. There are many methods used to social engineer an individual: e-mail, phone, social media, and in-person interaction. This adds to the complexity of thwarting such attacks because they are not always perpetrated in the same manner, and can be of high quality to ensure the bait is taken. What makes these attacks successful is their believability; the communication is in a context that makes the proposed scenario a possibility and not beyond imagination. Sometimes the e-mail phishing source...
