They’re saying “beware of Social Engineering”.Well, we want to be out of that said “Social Engineering”, but we just can’t do it if we’re still ignorant about it.

The PacketStorm define the Social Engineering as the art and science of getting to comply to your wishes.

Social engineering is the art and science of getting people to comply to your wishes. It is not a way of mind control, it will not allow you to get people to perform tasks wildly outside of their normal behavior and it is far from foolproof. (link)

Now, in the world of the internet technology, Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users.

In the field of computer security, social engineering is the practice of obtaining confidential information by manipulation of legitimate users. A social engineer will commonly use the telephone or Internet to trick people into revealing sensitive information or getting them to do something that is against typical policies. By this method, social engineers exploit the natural tendency of a person to trust his or her word, rather than exploiting computer security holes. …(link)

The Social Engineering is masquerading as a legitimate user just to gain privileged information from a system.

is the gaining of privileged information about a computer system by an unauthorized person masquerading as a legitimate user. The high-tech version of the old “confidence game.” (link)

Oftentimes, the Social Engineer will deceive users or administrators typically using telephone calls pretending to be an authorized user just to gain illicit access to systems.

An attack based on deceiving users or administrators at the target site. Social engineering attacks are typically carried out by telephoning users or operators and pretending to be an authorized user, to attempt to gain illicit access to systems. (link)

Mon Abasolo of PinoyTechBlog said that the best defense is consumer awareness and education regarding the confindial data.

The best defense is consumer awareness and education, whether you are an ordinary consumer or a company that treasures the confidentiality of its data. (link)

He enumerated 3 ways to avoid this threat:

1. Do not presume that the person is who he says he is
2. Do not unnecessarily volunteer information.
3. Protect sensitive information.

• Sign up for PayPal and start accepting credit card payments instantly.
  As the world's number one online payment service, PayPal is the fastest way to open your doors to over 150 million member accounts worldwide.
• Promote your product to high quality, targeted websites and blogs.
  Find effective, influential blogs and highly targeted audiences to advertise.Choose to display your ad across entire blog networks to maximize your exposure to a wide audience.