Social Engineering is a huge threat in today’s business landscape. Just like any other security exposure, before we can protect against it we have to understand the nature of the danger. Darren Miller has written an article describing one scenario in which social engineering is used to defeat external perimeter security without too much effort. Miller’s article concludes with a concise and accurate definition of social engineering.
In the world of computers and technology, social engineering is a technique used to obtain or attempt to obtain secure information by tricking an individual into revealing the information.
There’s more fun with social engineering at the IRS described at the Security Focus site. And they trust these guys with your social security numbers?