Proceedings of the International scientific and practical conference "Science, Technology and Culture: Dynamics of Change in the XXI Century" (December 19-21, 2025) / Publisher website: www.naukainfo.com. – Baku, Azerbaijan, 2026. – 90 p.

can only be effectively countered through a deep understanding of the nature of the attacks and a comprehensive approach to protection. The methodological basis includes a systems approach, theoretical analysis and synthesis of the scientific literature and international standards, the comparative-analytical method, case studies of real incidents, situation modeling, and expert assessments.

Social engineering is the art of manipulating people into voluntarily disclosing confidential data or performing actions required by the attacker. Unlike classic hacking attacks, which look for technical vulnerabilities, social engineering specifically exploits weaknesses in human psychology: trust, fear, urgency, curiosity, and a sense of duty. The term gained wide recognition thanks to Kevin Mitnick, who in the 1980s and 1990s gained access to protected systems simply by calling employees and posing as a colleague or as technical support. Today such attacks are closely integrated with technical tools: attackers actively use data from open sources, build deeply personalized scenarios, and use artificial intelligence to generate text, voice, and deepfake video.

Among the most common types of attack are phishing and its derivatives: spear-phishing, whaling, vishing, and smishing. A special place is occupied by pretexting: creating a detailed, plausible legend and conducting a live dialogue in which the attacker improvises, answers any clarifying questions from the victim, and demonstrates deep knowledge of the organization's internal workings.

Protection against social engineering must be multi-layered and combine technical, organizational, educational, and procedural measures. At the technical level, modern anti-phishing filters based on machine learning, mandatory multi-factor authentication, and DLP, EDR, and IDS/IPS systems are effective.
Organizational measures include clear security policies, the principle of least privilege, strict control of physical access, and mandatory dual verification of critical operations. The most important component remains regular staff training: mandatory workshops, analysis of real cases, and, most importantly, controlled simulations of phishing, vishing, and pretexting, followed by an individual analysis of errors. It is important to foster a culture in which reporting suspicious activity is encouraged rather than punished.
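As an added example that is not part of the paper, the following rule-based triage check shows what an anti-phishing filter actually looks for when an attacker pulls the levers named above: urgency and secrecy language, an impersonated executive on an external address, a lookalike sender domain, and a Reply-To that points elsewhere. The two messages, the organization domain and all names are constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "example-corp.com"  # constructed organization domain

# Constructed pretexting message: "CFO" on a lookalike domain, urgency + secrecy.
PRETEXT_MAIL = """From: "Maria Ivanova (CFO)" <m.ivanova@examp1e-corp.com>
Reply-To: finance-desk@mail-relay.example.net
To: accounts@example-corp.com
Subject: URGENT: wire transfer before 5pm

Please process this transfer immediately, I am in a meeting and cannot be reached by phone.
Do not discuss with anyone until the audit is over.
"""

# Constructed benign internal notice for comparison.
BENIGN_MAIL = """From: "IT Service Desk" <helpdesk@example-corp.com>
To: staff@example-corp.com
Subject: Scheduled maintenance on Saturday

Email will be unavailable from 02:00 to 04:00 on Saturday. No action is required.
"""

# Lexicons for the psychological levers: urgency/fear and secrecy; authority in the display name.
URGENCY = re.compile(r"\b(urgent|immediately|before \d|right away|asap)\b", re.I)
SECRECY = re.compile(r"\b(do not discuss|confidential|cannot be reached|tell no one)\b", re.I)
AUTHORITY = re.compile(r"\b(ceo|cfo|director|head of)\b", re.I)

def lookalike(domain: str, reference: str) -> bool:
    """True if domain differs from reference only by common digit-for-letter swaps (examp1e vs example)."""
    if domain == reference or len(domain) != len(reference):
        return False
    swaps = {"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "8": "b"}
    return "".join(swaps.get(c, c) for c in domain) == reference

def score(raw: str, org_domain: str = ORG_DOMAIN) -> tuple:
    """Return (indicator count, list of human-readable reasons) for one RFC 822 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    reasons = []
    if lookalike(domain, org_domain):
        reasons.append(f"sender domain {domain} looks like {org_domain}")
    if AUTHORITY.search(name) and domain != org_domain:
        reasons.append("executive display name on external address")
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and reply.rpartition("@")[2].lower() != domain:
        reasons.append("Reply-To domain differs from From domain")
    for label, pattern in (("urgency", URGENCY), ("secrecy", SECRECY)):
        if pattern.search(text):
            reasons.append(f"{label} language")
    return len(reasons), reasons
```

A real filter would feed such indicators into the machine-learning model the text mentions rather than thresholding them by hand; the point here is which signals are worth extracting.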
