Social engineering can also be an in-person attack where a social engineer directly manipulates a target into complying with some requests. They may approach people at their places of work, restaurants, bars, during corporate events, and so on. They will likely have done research on the target and will know exactly what to ask. To reduce in-person attacks, the following should be done:

• Physical security: Guards should always confirm appointments of visitors to organizations. They must never compromise the security of an organization due to persuasive arguments from visitors that they have been called for with urgency.
• Attentiveness: Employees should report unfamiliar people entering sensitive rooms or offices within an organization. Employees should also avoid the courtesy of using their passes to let strangers into secured parts of a workplace.
• Carefulness: Employees should avoid leaving sensitive documents on their work desks. They should also avoid leaving sticky notes with their credentials stickered on their desks or on their monitors. Employees should also lock their screens when leaving their desks. There is always the risk that a stranger may maneuver around the physical controls in place and get into an organization's premises.