What is a common tactic used in social engineering attacks?

Phishing emails are a prevalent tactic in social engineering attacks, as they exploit human psychology to deceive individuals into revealing personal or sensitive information. This method typically involves sending fraudulent emails that appear to come from reputable sources, such as banks or popular services. The emails often contain urgent messages prompting the recipient to click on a link or provide information, leading to scenarios where attackers can capture login credentials or install malicious software.

This approach relies on tricking the target into breaking their usual security practices, making it an effective method for attackers to gain unauthorized access to systems or sensitive data. Other options like firewall breaches, data encryption, and patch management, while important in cybersecurity, do not represent social engineering tactics. They focus more on systems and technical protective measures rather than the psychological manipulation characteristic of social engineering.