Social engineering is a scary thing, and we're all vulnerable. It starts when scammers try to build trust with their victims. They trick their victims into handing over e-mail address, physical addresses, phone numbers and passwords.

Scammers often use phishing e-mails (and sometimes phone calls) posing as legitimate sources to get this information. They might tell you they’re a representative at your bank or your favorite online store. They may even pose as one of your colleagues. They prey on your desire to help or fix a problem.

Social engineering works because scammers know how to break through the “human firewall,” or the people in your organization. You can have all the malware protection in the world, but hackers can still break in by exploiting your employees.