Session Abstract: We all have faced phishing attempts, however, most people have no idea how this is actually done. During this talk, I will briefly define social engineering and the most common techniques used for phishing, moving to the specifics, where I will start explaining how all the planning, OSINT and profiling is done, moving next to the technical details briefly explaining what kind of tools are used for email based phishing, smishing (sms phishing) and vishing (voice phishing). During this talk, I'll also share some novel techniques that our red team has been using in the last few months.Summary: How does social engineering work, from planning to execution? You probably have asked yourself this question. Well, during this talk, I will explain what social engineering is, and then focus on various phishing techniques, from planning to execution.Additional Information: