CAPEC-409 - Information Gathering from Non-Traditional Sources

An attacker uses sources of information which are less obvious and often overlooked to learn about the target person or organization. These sources could be industry experts or insiders who might reveal key pieces of information that help the attacker determine possible social engineering vulnerabilities in the target. Other types of oblique information gathering might be to case or stalk particular employees to find out popular after work venues. The attacker would then visit that venue and sit in close proximity to the target individuals to gather information.