Cyber Security Training & Software for Companies | MetaCompliance


Discover our suite of personalised Security Awareness Training solutions, designed to empower and educate your team against modern cyber threats. From policy management to phishing simulations, our platform equips your workforce with the knowledge and skills needed to safeguard your organisation.

Cyber Security eLearning

Cyber Security eLearning to Explore our Award-Winning eLearning Library, Tailored for Every Department

Security Awareness Automation

Schedule Your Annual Awareness Campaign In A Few Clicks

Phishing Simulation

Stop Phishing Attacks In Their Tracks With Award-Winning Phishing Software

Policy Management

Centralise Your Policies In One Place And Effortlessly Manage Policy Lifecycles

Privacy Management

Control, Monitor, and Manage Compliance with Ease

Incident Management

Take Control Of Internal Incidents And Remediate What Matters



Explore the versatility of our solutions across diverse industries. From the dynamic tech sector to healthcare, delve into how our solutions are making waves across multiple sectors. 

Financial Services

Creating A First Line Of Defence For Financial Service Organisations


A Go-To Security Awareness Solution For Governments


A Security Awareness Training Solution For Large Enterprises

Remote Workers

Embed A Culture Of Security Awareness - Even At Home

Education Sector

Engaging Security Awareness Training For The Education Sector

Healthcare Workers

See Our Tailored Security Awareness For Healthcare Workers

Tech Industry

Transforming Security Awareness Training In The Tech Industry

NIS2 Compliance

Support Your Nis2 Compliance Requirements With Cyber Security Awareness Initiatives



From posters and policies to ultimate guides and case studies, our free awareness assets can be used to help improve cyber security awareness within your organisation.

Cyber Security Awareness For Dummies

An Indispensable Resource For Creating A Culture Of Cyber Awareness

Dummies Guide To Cyber Security Elearning

The Ultimate Guide To Implementing Effective Cyber Security Elearning

Ultimate Guide To Phishing

Educate Employees About How To Detect And Prevent Phishing Attacks

Free Awareness Posters

Download These Complimentary Posters To Enhance Employee Vigilance

Anti Phishing Policy

Create A Security-Conscious Culture And Promote Awareness Of Cyber Security Threats

Case Studies

Hear How We’re Helping Our Customers Drive Positive Behaviour In Their Organisations

A-Z Cyber Security Terminology

A Glossary Of Must-Know Cyber Security Terms

Cyber Security Behavioural Maturity Model

Audit Your Awareness Training And Benchmark Your Organisation Against Best Practice

Free Stuff

Download Our Free Awareness Assets To Improve Cyber Security Awareness In Your Organisation

MetaCompliance | Cyber Security Training & Software for Employees


With 18+ years of experience in the Cyber Security and Compliance market, MetaCompliance provides an innovative solution for staff information security awareness and incident management automation. The MetaCompliance platform was created to meet customer needs for a single, comprehensive solution to manage the people risks surrounding Cyber Security, Data Protection and Compliance.

Why Choose Us

Learn Why Metacompliance Is The Trusted Partner For Security Awareness Training

Employee Engagement Specialists

We Make It Easier To Engage Employees And Create a Culture of Cyber Awareness

Security Awareness Automation

Easily Automate Security Awareness Training, Phishing And Policies In Minutes


Meet the MetaCompliance Leadership Team


Stay informed about cyber awareness training topics and mitigate risk in your organisation.

What is Social Engineering?

header social engineering

about the author

Share this post

Social Engineering is a term we hear constantly in the news relating to cyber-attacks, but what exactly does it mean?

Social Engineering is the art of manipulating people into performing certain actions or divulging confidential information.

Rather than use traditional hacking attacks, cybercriminals take advantage of our trusting human nature to trick us into breaking normal security practices.

These types of attacks have grown in frequency and sophistication, and are proving to be a very successful way for scammers to gain unauthorised access to computer networks and sensitive data.

Social Engineering attacks come in many different forms but the common thread running through them all is their exploitation of human behaviour. The following examples are the most common forms of attack used.


What is Social Engineering?

Phishing remains the most popular social engineering attack of all due to its high success rate. The majority of all cyber-attacks can be traced back to a phishing email and the online scam works by tricking people into giving out sensitive information or downloading malicious malware.

Phishing emails are designed to look genuine and will appear to come from a legitimate source. The email will include a link or attachment which once clicked, will infect a computer with malware.


What is Social Engineering?

Vishing is a combination of the word voice and phishing and refers to phishing scams that take place over the phone. It has the most human interaction of all the social engineering attacks but follows the same pattern of deception. The scammers will often create a sense of urgency to convince the victim to divulge sensitive information.

The call will often be made through a spoofed ID, so it looks like it’s coming from a trustworthy source. A typical scenario will involve the scammer posing as a bank employee to flag up suspicious behaviour on an account. Once they have gained the victim’s trust they will ask for personal information such as login details, passwords and pin. The details can then be used to empty bank accounts or commit identity fraud.


What is Social Engineering?

Smishing is a type of phishing which uses SMS messages as opposed to emails to target individuals. It is used by criminals to encourage individuals to divulge personal information such as account details, credit card details or usernames and passwords. This method involves the fraudster sending a text message to an individual’s phone number and usually includes a call to action that requires an immediate response. Messages will often claim to be from Banks, Tax Revenue Systems and even your own friends. They may ask you to click a link, call a number or they may even inform you that you are about to receive a phone call from a support member.

Spear – Phishing

What is Social Engineering?

Spear-Phishing is a more targeted attempt to steal sensitive information and typically focuses on a specific individual or organisation. These types of attacks use personal information that is specific to the individual in order to appear legitimate. Learn more about spear phishing.

The scammers will often turn to social media to research their victims. Once they have a better understanding of their target, they will start to send personalised emails which include links which once clicked will infect a computer with malware.


What is Social Engineering?

What distinguishes this category of phishing from others is the high-level choice of target. A whaling attack is an attempt to steal sensitive information and is often targeted at senior management or other high-profile targets such as politicians or celebrities. The word whaling is used to indicate that the target being pursued is a big fish to capture.

Whaling emails are a lot more sophisticated than your run of the mill phishing emails and much harder to spot. Typically, the emails will contain personalised information about the target or organisation and the language will be corporate in tone. A lot more effort and thought will go into the crafting of these emails due to the high level of return for the scammers.


What is Social Engineering?

Baiting, as the name implies involves luring someone into a trap to steal their personal information or infect their computer with malware.

To entice victims to fall for their trap, baiters often use offers of free music or movie downloads if users provide their login details. Another popular baiting trick involves leaving a malware-infected device such as a USB stick in a place where someone can find it.

The scammers rely on human curiosity to complete the scam and by inserting the device into their computer to see what’s on it, malware is in turn installed.


What is Social Engineering?

Tailgating involves someone following an employee into a restricted area. These attacks are often carried out offline but can lead to future online attacks.

A common example of this type of attack is someone posing as a delivery driver and waiting until an employee approaches the building. The attacker will then ask them to hold the door open for them so they can gain access. Once inside, the attacker may gain access to sensitive company information.

To prevent yourself from falling victim to these types of attacks, there are a number of steps you can follow. Never open emails from unknown sources, don’t click on suspicious links, install anti-virus software and read your company’s privacy policy.

To find out how MetaCompliance can help protect you from these types of social engineering attacks, click here

Other Articles on Cyber Security Awareness Training You Might Find Interesting