ABSTRACT

This chapter explores some of the social engineering roles and uses a well-established psychology framework to help information technology (IT) security professionals understand some of the attack interactions. It is important to remember that the child response may be in some ways directed, with the parent nature of the social engineering attacker forcing the target to feel uncomfortable. If people are forced out of their comfort zone, one reaction can be to revert to child-like behaviour. When the attacker adopts the role of a parent and treats the target as a child, the target's natural response can be directed to that of the child. A good, solid role for most social engineering situations. In general, people expect to receive instructions from managers. Employees also, on occasion, expect to be pressured into taking immediate action by managers. In addition, new managers sometimes like to make an impact, explaining the urgency of IT security professionals' requests.