Social-enineer.org released their report of the social-engineering contest held at DEFON 18. The results are alarming.
They held a social-engineering capture the flag, targeting large companies like Microsoft, Cisco, Coca Cola and Pepsi. It turns out that relevant information was gained quite easily. It didn't take a seasoned social-engineer to do it. Easy access to social media, like Facebook, Linked-in and Google maps, in combination with customer services that are focused on customer satisfaction gave a lot of information. Even harder targets fell easily for believable chosen pretexts. Without good guidelines people tent to go to their default modus operandi, which is being helpful.