In what has to be one of his coolest articles in a long time — profusely illustrated, too, no less — Emmett Dulaney strikes gold over at CertCities.com with “A Visual Guide to Social Engineering.” He mentions this stuff in the context of the upcoming revision to the CompTIA Security+ exam due out next month, but anybody who has any kind of background in information security recognizes social engineering as a catch-all term for various forms of personal behavior and crafty manipulation of others that enable attackers to crack security of all kinds and gain access to (or even steal) information, credentials, and sometimes even hardware or money.
Dulaney’s article focuses on overt physical behaviors as well as illicit online activity, with photos to illustrate how these forms of social engineering work. You’ll find information on tailgating, shoulder surfing, dumpster diving, phishing, and hoaxes, all humorously illustrated and explained to make them approachable and easily understood. Emmett wouldn’t have to stretch too far to turn this article into an excellent primer for ISAT, aka “Internet Security Awareness Training.”
You definitely want to check this one out!