Social engineering is a form of communication that aims at gaining people’s trust at first and then prompting them to share sensitive information or do something the attacker would take advantage of, such as opening an infected file or clicking a malicious link.
When it comes to social engineering, the goal is to hack humans, not computers. Social engineering scams have a lot in common with marketing automation technology. Of course the main difference being that one is legitimate, the other is not.
Oftentimes social engineering can render even the best technological measures useless, and brute force isn’t needed either. To give you an example from real life, a man alone gained the trust of employees of ABM AMRO bank in Belgium over the course of a year by merely being charming. One day the employees gave him access to security boxes and he stole 28 million dollars in diamonds.
Specifics related to ML tools for social engineering
Nowadays due to technologies like artificial intelligence (AI) and machine learning (ML) and Internet of Things (IoT), there can be created tools to gather public information on people for the sole reason to spear phish them, or even forge their voices to impersonate