IntroductionThis article analyzes social engineering technology and tools used to test the human element against its capabilities and limitations in the areas of confidentiality, integrity and availability. The analysis covers the usefulness, costs and complexity of implementing social engineering toolkits and how its effectiveness can be improved. Social engineering is all those activities carried out by a hacker to manipulate the human tendency to trust in order to gain unauthorized access to the valuable information that is in the computer system. The IT specialist agrees that despite the use of secure networks and firewalls, IT security is based on trust in protection and authenticity. The easiest place for attackers in the computer network is the human willingness to trust people based on what they have said. This makes any system very vulnerable to attacks from criminals. While the company's IT specialist can do everything to protect the system from malicious attacks, it is up to the people using the system to ensure that the company network is secure. The rise of Internet-based social networks has created a revolution by improving social connectivity. However, criminals and other malicious Internet actors have exploited this capability for nefarious purposes. There are two main tactics used by criminals to exploit people on online social networks. The two methods will mostly be used together by criminals. The first is that computer-savvy hackers could install unwanted software on the user's computer or phone in order to obtain personal information. This is mainly done by people specializing in...... middle of paper ......an: Social Engineering Techniques and SecurityCountermeasures Published by Gower Publishing Ltd. ISBN 0-566-08773-1 or ISBN 978-0 - 566-08773-Mitnick, K (2002). "The Art of Deception", p. 103 Wiley Publishing Ltd: Indianapolis, Indiana; United States of America. ISBN 0-471-23712-4Mitnick, K, William L., & Wozniak, S. (2002). The Art of Deception: Controlling the Human Element of Security Published by Wiley. ISBN 0-471-23712-4 or ISBN 0-7645-4280-XMitnick, K., & Simon, W. (2005). "The art of intrusion". Indianapolis, IN: Wiley Publishing.Mitnick, K., Kasperavičius, Alexis. (2004). CSEPS course workbook. Mitnick SecurityPublishing.Palumbo, J., (2000). “Social Engineering: What is it, why is it so little talked about, and what can be done?”, SANS Institute, 26 July 2000Stevens, G., (2003) “Enhancing Defenses Against Social Engineering” SANS Institute, March.