Cybersecurity researchers always ignore the “people” behind the issues when dealing with cyberspace security issues. The human
and technological aspects of cyberspace security must be simultaneously addressed to enable a secure cyber environment. Social
engineering is a discipline whose research object is people, and the combination of social engineering and cyberspace security can
provide new solution ideas for lots of cyberspace security issues. This paper attempts to answer the question —— “How to solve
cyberspace security issues via social engineering?” We briefly review existing frameworks for social engineering attacks and pro?pose a novel, recursive, and iterative framework for social engineering attacks in cyberspace. The existing research achievements
of combination of social engineering and cyberspace security were reviewed in the order of cyber personality, hacker psychology,
human flesh search, and social engineering defense. To answer this question, we summarized four “guidelines” for using social
engineering. Finally, we look ahead, give our thoughts, and discuss answers of the question and future research. It is aimed at
getting more researchers of cyberspace security and social science to pay attention to this field.