In any social engineering attack, the social engineer wants the target to take action and either say something or do something. It could be as little as answering some questions or as much as giving a social engineer a tour of a restricted area in an organization. Elicitation occurs through simple conversations with people. Small conversations are held between strangers every day and thus people are not so much alarmed when strangers approach them and engage them in small talk. It could be at a queue in a store, a table in a restaurant, or during an event. There is a high chance of sparking a conversation with a target if prior research has been done about them to find out the places they frequently visit and things that they like doing in such places. There are three steps towards initiating a successful small talk with a stranger. These are as follows:

• Being natural: A target will kill a conversation if the person trying to hold it looks uncomfortable and unnatural. Therefore, a social engineer must always communicate through posture and other non-verbal cues of confidence and naturalness. Also, a social engineer should initiate conversations that he has some knowledge about. Nothing brews a lack of confidence faster than a lack of things to say to a target. This brings us to the second step.

• Being knowledgeable: A social engineer must have knowledge about the things he or she aims to start a conversation with. In the preceding example of a conversation with the CFO of a company, the social engineer started the conversation by mentioning the company's financial situation. He or she must have had time to go through the numbers and thus have something that sparks interest with the CFO when initiating the talk. With this knowledge, the social engineer had something that he or she could boldly talk about with the CFO. If, however, there is not much information that a social engineer has to start a conversation with a CFO, there is the option of choosing the pretext of a researcher or a journalist.
• Being generous: In the previous chapters, the issue of reciprocation was discussed where when one is given something, there is always an urge to give something back. In order to start or maintain a conversation, it is important for it to be a give and take situation. It is through this approach that a social engineer can dig deeper into an organization by pretending to be giving the target more intrinsic details about his supposed organization. Generosity can also come in to play from the aspect of who dominates the conversation. In an earlier chapter, it was noted that the best conversationalists are good listeners. Therefore, the social engineer never dominates the conversation. He or she lets the target talk more and therefore reveal more.

The discussed steps will ensure that one can start and maintain a healthy conversation. These steps are not only effective in social engineering attacks but also in normal conversations. In addition to these three steps is energy. This is expressed through the tone of one's voice, appearance, and non-verbal cues. In dog training sessions, new owners are told that their energy affects the energy of their dogs. Therefore, they have to approach their dogs with the right energy and avoid being tense and anxious. It is just the same in social engineering. Social engineers will present themselves to their targets with the right energy depending on the pretext they choose to use.