Social engineering is the manipulation of someone to serve an objective such as divulging confidential information that they would not normally divulge.
Victim triggered exploits such as opening a malicious email or clicking on a malicious link are still the main entry point for an assailant to gain malicious access into a corporate network. Social engineering often plays a big part in this.
Social engineering is a term often associated to Internet threats like phishing, scams, and malware such as ransomware.
Many studies have indicated the human element to be the weakest link in information security. Many of the cyber-attacks that have occurred have in fact considered this when designed. Understanding the technologies that we now use are getting far better at protecting our networks, criminals adapt. Social engineering provides an instrument to bypass robust network defences.
When people fall victim to social engineering techniques it is often not because they are gullible but because most people are good and to say the obvious, not expecting to be the victim of an attack. The truth is most people are just wanting to do a good job and they like to help when able. We live in a society where holding the door open for people in need of assistance is considered common courtesy and this is still positive. Ask yourself, would you hold the door open for a lady in distress? If like most of us you would, then this leaves you susceptible to a well-planned social engineering exploit. It is this very trait that assailants are looking to exploit.