How to think like a con artist (part 1)

"They had spotted me when I was still a block away, followed me [using CCTV cameras], and picked me up just before I was able to approach a female employee and ask her to let me into the building," he said.

In other words, a successful social engineering hack is no snatch-and-grab job. It requires real diligence. "If you're going to be doing this work, you have to have a detailed plan," Winkler says. "The less training you have, the more detailed the plan you have to follow."

Do: Play on common interests when conversing with your target

Spies do not just walk up to random people on the street and ask them to divulge their country's secrets. They take weeks, months, or even years to develop a rapport with a target, gradually asking them to release increasingly more sensitive information. Security experts call this process "elevating the situation."

But when it comes to social engineering, time is generally of the essence. Nobody can strike up a deep, confiding friendship in the course of one conversation or phone call. And here is where context and intuition come in.

From the beginning of your white hat social engineering hack, pay close attention to your target, assimilating as much as you can about him or her as quickly as possible. A keen sense of observation and a knack for profiling can help tip you off to topics of conversation that will resonate with your dupe.

Proving you are a member of the same "tribe" is essential to earning trust quickly and ensuring you are more deserving of assistance than some stranger off the street.

Do: Exploit human nature

Human beings, social creatures that we are, are taught from a very early age that helping others is a worthwhile practice, especially those with whom we most identify. For the con artist, nothing helps a black-bag job go more smoothly than the victim's innate desire to be helpful.