It’s been a while since I posted on here, so I thought I’d revisit the recommended reading lists. Given that this site is primarily for people with little or no knowledge or experience of information or cyber security, I thought it would be best to start with some background reading to set some foundations.
Social engineering is one of the biggest risks facing individuals and organisations today — not because of technology, but because attackers know how to manipulate people. These five books explain the tricks, psychology, and real‑world stories behind social engineering, all in clear, accessible language.
1. The Art of Deception — Kevin Mitnick
A classic introduction to how criminals trick people into giving away information. Mitnick uses real stories to show how attackers exploit trust, curiosity, and routine. It’s an eye‑opening look at why “the human factor” matters so much.
2. Social Engineering: The Science of Human Hacking — Christopher Hadnagy
A practical guide to the techniques social engineers use every day. Hadnagy explains how persuasion works, how scammers build rapport, and how to spot the warning signs before it’s too late.
3. Influence: The Psychology of Persuasion — Robert Cialdini
Not a cybersecurity book, but essential reading. Cialdini explains the psychological shortcuts we all rely on — the same shortcuts attackers exploit. It’s full of simple, relatable examples.
4. The Confidence Game — Maria Konnikova
A fascinating look at why people fall for scams. Konnikova blends psychology and storytelling to show how con artists operate and why even smart, experienced people can be fooled.
5. Hacking the Human — Ian Mann
A straightforward introduction to how criminals target people inside organisations. Mann explains common attack methods and offers practical advice for staying alert in everyday situations.
