Other Methods


  • Diversion Theft - Used mostly with theft, but still considered a Social Engineering method. The purpose is to convince a legitimate delivery person who is bringing a delivery to an address that the package is requested somewhere else, usually "around the corner".
  • Phishing - The use of email or websites to gather personal information by pretending to be a trustworthy organization. For example, an ethical hacker may send an email pretending to be a member of the organization's IT support team in order to have the user provide them with login credentials. They could go further by creating a custom website that poses as a password reset application for the company in order to get passwords and login information.
  • IVR or phone phishing (a.k.a. vishing) - The use of an interactive voice response (IVR) system to create an official-sounding bank IVR system to trick people into providing their personal information. An example is where a hacker will pose as a bank employee, or even use another IVR message, to advise the target that they have to call into the bank to correct an issue. They provide a number (not the bank's) for the target to call in on, and when he/she does, they record the account information as it is entered into the phone. A hacker could also use the same method against a company employee in order to have them attempt to enter their password via the telephone.
  • Baiting - A hacker will leave a CD-ROM or USB flash drive where it is sure to be found. When a person places the unit into their system, it installs malware (possibly viruses). This malware could simply cause issues on a target’s system or could even be used to pass personal information back to the hacker. Baiting is one of the few social engineering methods that will use technology to attain its goals.



Final Summary

As you can see here, Social Engineering is probably the most dangerous attack for an organization or an individual. There are so many techniques that in a normal instance would seem totally innocent, but in actuality could be quite the opposite. Everyone should be on their guard. We don't want you to be suspicious of everyone, but a healthy dose of caution when dealing with your own personal, confidential information can never hurt in any situation.

As the Russian proverb goes, "Trust, but verify."
