I recently talked at different events on social engineering or at least touched the theme. You might know the layer 8 problem J

When I had some discussions after my speech I realized that close to nobody (I talked with) knew about the "The Art of Deception: Controlling the Human Element of Security" by Kevin Mitnick. You probably know Kevin Mitnick – he was one of the first hackers being sent to jail. A lot of his attacks were about ticking people rather than really hacking systems. He then summarized his experience in a book. The way he does it is that he tells stories about different levels of attacks. When you read the first story you think: these things will never happen to me (at least this has been my initial reaction being one of these paranoid security people). When you reach towards the end of the book, you start thinking differently….. It is definitely worth reading

Roger