Social Engineering is the term applied to a type of deceptive interaction that generally involves some sort of impersonation to glean information from an unsuspecting victim.
We’re mostly used to phishing emails, virus-laden websites, and the like, and have learned to stay away from anything that reads funny or looks suspicious. However, very few of us are trained to safeguard against actual human beings contacting us directly, either via phone or in person. An email flagged as spam requesting password details for instance we would likely disregard, but a sincere sounding phone call from a support representative requesting your password details, we might not have our guard up for.
All organizations concerned about the security of their data should formally coach their employees on a whole slew of potential tactics social engineering hackers might employ on them. It’s important your organization is not blind to this wide open security window.