The most direct way to get sensitive information from someone is to call them up and ask, Drier says.
With a little recon, a social engineer can come up with a believable pretext and make serious progress.
"I like to pretend I’m interested in a technical job they posted, and use that guise to get additional information from HR or wherever I happen to land. I can usually get them to ask for a resume, which makes for an excellent prelude for sending in some phishing emails," he explained.
"During one engagement, we had a target on the phone believing we were from IT. We were helping her ‘fix’ her computer, and during that process she had to change her password to a known value (letting us compromise her account). Once we were finished, she mentioned that everyone else in her department was experiencing the same fake problem, and she could help by having all her coworkers change their password to the same value. Why yes, that would be a huge help for us. Thanks!"