Font Size: 

Social engineering is the act of using manipulation and deception to obtain access to confidential information. It is considered one of the leading threats to information security today. The topic is complex and increasing in prevalence among individuals and businesses. This paper explores the subject of social engineering from an interdisciplinary perspective. A literature review from the information technology, psychology, and business disciplines explains the interconnected nature of the topic as well as the necessity to comprehend it from multiple viewpoints. An ethical perspective follows the literature review and analyzes social engineering attacks and research from a philosophical and professional viewpoint. An integrated summary promotes the idea of studying the topic from the three disciplines and attempts to explain the complexity of social engineering. Suggestions for future research are provided in an effort to mitigate social engineering risk and provide useable solutions for businesses today to protect themselves from this threat.

social engineering; information technology; information security; information systems