In the context of information security, social engineering is the use of psychological influence of people into performing actions or divulging confidential information. This differs from psychological manipulation in that it doesn't need to be controlling, negative or a one-way transaction. Manipulation involves a zero-sum game where one party wins and the other loses while social engineering can be win-win for both parties. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in the sense that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests."