Does anyone actually do a Social Engineering Exercise against their employees or facilities?
Here is a story.
On my first week of my last job (9 years ago). My CIO sent me to all of the Bank’s Branches with a Hat, Shirt and ClipBoard that had the local telecom’s logo on it. My first assignment was to walk in and ask to “Inspect the Lines”. I was unannounced and unintroduced at the time. The test was to see of the Branches would call into the help desk or their direct management to see why I showed up without prior notice. Less to say I got into several branches without a call or further lookup and most of those cases they left me by myself in the back or basement.