Social Engineering Engagement Framework

The Social Engineering Engagement Framework (SEEF) is a framework developed by Dominique C. Brack and Alexander Bahmram. It summarizes years of experience in information security and defending against social engineering. The stakeholders of the framework are organizations, governments, and inpiduals (personals). Social engineering engagement management goes through three steps: 

1. Pre-engagement process: Preparing the social engineering operation
2. During-engagement process: The engagement occurs
3. Post-engagement process: Delivering a report

There are many social engineering techniques used by criminals:

• Baiting: Convincing the victim to reveal information, promising him a reward or a gift.
• Impersonation: Pretending to be someone else. 
• Dumpster ping: Collecting valuable information (papers with addresses, emails, and so on) from dumpsters.
• Shoulder surfing: Spying on other peoples' machines from behind them, while they are typing.
• Phishing: This is the most often used technique; it occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.