Before we jump into social engineering, I want to walk through how a TLS connection is set up. First comes the DNS lookup, then the TCP three-way handshake, and finally the TLS session starts. It all begins with a hello from the client that includes the version of TLS and the cipher suites it supports. The server then responds with the cipher it picked and sends its public key back to the client.

Social engineering is the idea of tricking people into revealing significant information, such as a personal password or valuable information involving company secrets. I mean, it is much easier than hacking into software.

What does a social engineering attack look like? In one word, you trust the person….