CAPEC-405 - Social Information Gathering via Research

An attacker employs various methods of information gathering to collect a body of information that facilitates the attacker's goals toward the target organization. Because an attacker's goals can vary so widely during this phase, no single methodology is commonly employed. During the research phase, for example, an attacker could use a company's automated telephone directory service to identify individuals in key positions of authority. Other methods could involve casing an establishment during high-traffic hours to determine how strictly employees monitor who is entering the building behind them, or something as simple as internet searching. Gathering information to support social engineering exercises is much the same as the research you do for anything else. You need a goal in mind when you start in order to keep the research focused. Having a clear objective helps you determine what information is relevant to the end goal and what can be ignored. This holds true not only for the information gathered but also for how it's gathered.