Social Engineering (SE) is both incredibly complex and amazingly simple.
What really is social engineering? Social Engineering is defined as the process of deceiving people into giving away access or confidential information. Wikipedia defines it as: “is the act of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim.”
Due to the mystery surrounding social engineering many people are afraid of it, or they feel they will never be able to accomplish a successful social engineering test. However, every time you try to get someone to do something that is in your interest, you are engaging in social engineering. From children trying to get a toy from their parents to adults trying to land a job or score the big promotion, all of it is a form of social engineering.
Those are the beginning paragraphs to an interesting site:
We will use it as the launching point for exploring the best way for organizations who realize what a tremendous responsibility they have in the assets that they are storing.
Step I – Find the right person to learn this expertise.
Step 2 – Have them wander the site for a while.