Nov 19, 2008

The Danger of Social Engineering

Posted by Collin Eli

Social engineering is an old term that computer hackers have been using since at least the 1980s. It can be reduced to a simple adage: “If you can’t hack the computer, hack the user.” In other words, social engineering is the art of stealing electronic information through non-technical means, using deception to gain access to the desired data.


Many of the hackers who pioneered social engineering techniques now fight against it. In the 80s, breaking into computers was often an illegal hobby rather than a real attempt to profit criminally from stolen information. Nowadays, almost every sensitive piece of information about you is stored on a computer, somewhere, that can be accessed over the Internet, so the stakes are much higher than they ever were before.

Social engineering is a particular concern if you run a business with a significant public profile, or work for any organization that regularly stores sensitive information. Here’s a rundown of some of the techniques social engineers use to get your information:

Baiting: This entices someone to put a USB drive, CD or other storage medium in his computer out of greed or curiosity. For example, a bait device might be marked “executive salaries” or “employee discipline reports” to entice people interested in office gossip. Once the device is used, it installs spyware or some other malicious software that will relay sensitive information to the perpetrator as soon as the machine connects to the Internet.

Face-to-Face Impersonation: This requires a bit of acting skill, but it’s often effective. The scam artist actually enters the office himself, pretending to be an employee, repairman or someone else with a legitimate reason to be there. If a locked door gets in the way, the scammer uses a technique called “tailgating,” where he grabs the door before it closes after someone else goes through.

Pretexting: In pretexting, the scammer uses a fake scenario (and sometimes a fake identity) by phone or email. This pretext is designed to persuade you to share sensitive information. He might tell you you’ve won a prize and need to share personal information to claim it, or that he represents a family member who can’t speak for herself due to illness or injury.

Quid Pro Quo: A variant of pretexting, the quid pro quo technique promises a reward in exchange for the information, either directly (as in the lottery scenario above) or more subtly. For example, the scammer might offer to correct errors in a utility bill, but ask for banking information before proceeding.

In every case, the best defense is to never share information with anyone who cold-calls you or otherwise contacts you without your consent. In case scammers find their way around precautions, consider a service like LifeLock for an extra layer of protection.