Social Engineering
    |- Definition
        |- Manipulating individuals to divulge confidential information
    |- Common Targets
        |- Receptionists and Help-Desk Personnel
        |- Technical Support Executives
        |- System Administrators
        |- Users and Clients
        |- Vendors
        |- Senior Executives
    |- Impact on Organizations
        |- Economic Losses
        |- Damage to Goodwill
        |- Loss of Privacy
        |- Terrorism Risks
        |- Lawsuits and Arbitration
        |- Business Closure
    |- Vulnerable Behaviors
        |- Authority
        |- Intimidation
        |- Consensus or Social Proof
        |- Scarcity and Urgency
        |- Familiarity or Liking
        |- Trust
        |- Greed
    |- Factors Making Companies Vulnerable
        |- Insufficient Security Training
        |- Unregulated Access to Information
        |- Multiple Organizational Units
        |- Lack of Security Policies
    |- Why Social Engineering is Effective
        |- Preys on human psychology
        |- Cheap and easy to implement
        |- Difficult to detect
        |- No specific tools to fully safeguard
    |- Phases of a Social Engineering Attack
        |- Research the Target
        |- Select a Target
        |- Develop a Relationship
        |- Exploit the Relationship
    |- Social Engineering Techniques
        |- Human-based
            |- Impersonation
            |- Vishing (Voice Phishing)
            |- Eavesdropping
            |- Shoulder Surfing
            |- Dumpster Diving
            |- Baiting
        |- Computer-based
            |- Phishing
            |- Spam Mail
            |- Instant Messaging
            |- Scareware
        |- Mobile-based
            |- Publishing Malicious Apps
            |- Repackaging Legitimate Apps
            |- Fake Security Applications
            |- SMiShing (SMS Phishing)