The material is devoted to solving an individual task of the research aimed at automating the construction of estimates of protection of users and, indirectly, critical documents from social engineering attacks. This issue is closely related to soft social computing. Also the estimates of protection of users are the basis of building a expert system, which can substitute for a social engineering specialist. The material describes the models of the following: the malefactor, the user, the relationships between them, the critical document, the information system, all of which represent the basic entities necessary for simulating social engineering attacks and building appropriate attack trees. Here we propose an approach to estimating the probability of a successful social engineering attacking impact by a malefactor on the user, based on the use of triangular norms. The conclusion is reached that in conditions of a lack of information for soft estimates at this stage, t-norms may be applicable, since, firstly, they provide the expected properties of a combination of the malefactor’s competency and user vulnerability models, secondly, they are not computationally difficult and, thirdly, in a number of cases allow for an understandable interpretation within the proposed area.