Cybercriminals have learned that the easiest way to take control of your computer or steal your passwords is to simply ask you for them.
Social engineering does not use technology; it does not exploit vulnerability in a program. Instead, it is a psychological attack to trick you into divulging information. Cybercriminals build trust with you, pretending to be a person or organization you know. They then exploit this trust to get what they want, such as access to your computer or your passwords.
To understand how to protect yourself from social engineering attacks, see the April Office of Information Security Cybersecurity newsletter.
The IT Security Program APS provides more information about the responsibilities of users as it relates to using IT Resources and protecting data.