Social engineering and confidence tricks - the easiest way to obtain passwords?

This is a great article on the BBC showing how easy it is to obtain passwords and other confidential information by using basic social engineering and confidence tricks.

A recent report by PGP showed that 70% of all data breaches were down to insider failings, not outside hackers.

How much of your ITSec budget is spent educating your people to avoid being part of the 70%?

more here...