Sniffers
Social Engineering
- Six types of behaviors for a positive response to social engineering are as follows:
- Scarcity: Works on the belief that something is in short supply. It's a common technique of marketers: "Buy now; quantities are limited."
- Authority: Works on the premise of power. As an example, "Hi, is this the help desk? I work for the senior VP, and he needs his password reset in a hurry!"
- Liking: Works because we tend to do more for people we like than for people we don't.
- Consistency: People like to be consistent. As an example, "Why should I badge in? Everyone else just walks in once someone opens the door."
- Social validation: Based on the idea that if one person does it, others will too.
- Reciprocation: If someone gives you a token or small gift, you feel pressured to give something in return.
- Human-based social engineering works on a personal level. It works by impersonation (posing as an important user, using a third-party approach, masquerading) and can be attempted in person.
- Computer-based social engineering uses software to retrieve information. It works by means of pop-up windows, email attachments, and fake websites.
- Reverse social engineering involves sabotaging someone else's equipment and then offering to fix the problem. It requires the social engineer to first sabotage the equipment, and then market the fact that he can fix the damaged device, or pretend to be a support person assigned to make the repair.
- There are a few good ways to deter and prevent social engineering, and user awareness, policies, and procedures rate among the best.
Session Hijacking