Social Engineering is not a new branch offered by Visvesvaraya Technological University (VTU).
It is the technique of exploiting the most vulnerable link in your organisation’s computer network, i.e. humans.
Scenario 1:
Assume that you are working for an IT giant and all of a sudden a disaster similar to September 11 (9/11) strikes.
Your company plans to reduce the workforce by laying off some employees.
Employees are naturally curious to know who has been shortlisted to be fired.
Such a situation is ideally suited to a social engineering attack, where the hacker leaves a DVD/CD labeled “company’s new policy” in the cubicles of different employees.
Employees curious to know about the organisation’s new policy might use the media in their PCs and thus make way for malware to enter the organisation’s network. Such an attack is referred to as a Gimmes/Trojan Horse attack.
Scenario 2:
One fine morning the helpdesk of your organisation receives a call asking to be connected to the accountant.
As soon as the call is transferred to the accountant:
Intruder: Hi, Topiwala, today isn’t a great day for you?
Accountant: It’s fine, I have no problems.
Intruder: Don’t you know that your PC is malfunctioning?
Accountant: No, it’s absolutely fine.
Intruder: No, from the server room we are able to trace certain problems in your system, please log out and log in again.
(The accountant routinely follows the instruction, logs off and logs in again without finding any bugs.)
Intruder: De-fragment your system and switch off and switch on.
(The accountant blindly and unsuspectingly follows the instruction given by the intruder.)
After making the accountant carry out a series of operations, the intruder asks for the accountant’s login ID and password in order to log in to the system remotely.
The accountant carelessly hands over the password!
This is a creative/inventive form of attack known as pretexting.
Scenario 3:
Quid pro quo attack (something-for-something attack)
The famous AOL attack is a classic example of this form of attack.
A hacker started chatting with the technical support of AOL and during the conversation, revealed that he had a car for sale at a throwaway price.
When technical support expressed interest in the offer, the hacker sent him an attachment containing pictures of the car. As soon as technical support opened the attachment, malware running as a background process gained entry into AOL’s network.
According to Wikipedia, in one survey more than 90 per cent of office workers gave away their passwords in exchange for a cheap pen!
Scenario 4:
The online attack, or phishing as it is popularly known, is also a social engineering attack.
Here, hackers send links to a site posing as a bank or financial institution, which carries the logo and format of a legitimate bank and asks for the customer’s credentials for some kind of verification.
Since the look and feel of the website appear legitimate, customers tend to give away their personal information to a fake site.