I don't know about the most common way to break into networks. But I guess the possibility stands there. But in dealing with my own experiences with this sort of thing, sometimes it helps to mention Social Engineering at an office conference, or talk to the help desk people personally, it all depends on how big the company is. Because if you have 50 help desks with 10 people on each, that's alot of people to warn. Sometimes its best to contact the CEO or the person dealing with everyone. But why am I rambling about this ? I have seen actual incidents where someone from the same company would call a help desk to see how much system information he could get from them as a test to their loyalness to the company. Maybe more people should start doing this.

-N (Good to be back)