This chapter has looked at how social engineering attacks can be prevented and mitigated. It first looked at how one can identify possible social engineering scenarios. The chapter has discussed ways in which one can tell that an email is aimed at trying to manipulate them. Since most social engineering attempts will be made through emails, things that should be considered when evaluating whether an email is sent from social engineers have been discussed. General identifiable patterns of phishing were also discussed. Other signs in general communication such as grammar that can hint at possible social engineering attacks have also been highlighted. The chapter then discussed how users can mitigate social engineering attempts orchestrated ...