Corporate Spying: Snooping, by Hook or by Crook

Corporate spies come in many guises, but they all have one thing in common: They want to use your company's secrets for competitive gain. This is a five-step guide to how snoops operate.

"People get pretty sophisticated in their scams," says Lew, who makes sure Dial employees receive awareness training. "They'll come up with a plausible answer to any question you might have. Before you know it, a five-minute survey turns into a 20-minute gut-wrenching experience, and you hang up thinking, 'I took care of that, I'm an expert.'" In fact, quite the opposite is true. You've just been duped.

This is the kind of social engineering that infamous hacker Kevin Mitnick glamorizes in his new book The Art of Deception. Such scams might also include "pretext" calls from someone pretending to be a student working on a research project, an employee at a conference who needs some paperwork or a board member's secretary who needs an address list to mail Christmas cards.

Most of those calls aren't even illegal. Although it is against the law to pretend to be someone else in particularSam up in the CEO's officeit's not illegal to be dishonest, points out Richard Horowitz, a New York attorney who helped formulate SCIP's guidelines. People do it all the time. "It's not illegal to lie and say to someone, 'Yes, your daughter looks beautiful on her wedding day,'" he says.

In the business world, "Whenever someone manages to get information about you that you didn't want them to have, you're going to call it espionage," he continues. "People use the words theft and spooking and spying when they don't like what the other person does."

Meanwhile, the other person has plenty more tricks.Go Into the FieldDuring the technology boom, one early morning flight from Austin, Texas, to San Jose, Calif., earned the nickname the "nerd bird." Shuttling businesspeople from one high-tech center to another, that flight and others like it became good places for job recruiters. They also became great places for competitive intelligence professionals, who might overhear useful discussions among coworkers talking loud enough to be heard over air vents and engine roar, perhaps behind a shoulder-surfable PowerPoint presentation or financial spreadsheet.

Any public place where employees go, snoops can also go: airports, coffee shops, restaurants, and bars near company offices and factories, and, of course, trade shows. There, an operative working for the competition might corner one of your researchers after a presentation or pose as a potential customer to the sales team to try to get a demo of a new product or learn about pricing.

Again, this isn't illegal or even, some say, unethical. Fuld & Co. once did a scruples survey asking 122 competitive intelligence professionals in Europe and North America whether it was normal, aggressive, unethical or illegal to take off your badge before approaching a competitor at a trade show. In North America, 34 percent of respondents considered this behavior aggressive, and 50 percent found it unethical. In Europe, however, 56 percent of respondents said this was normal behavior. That's your problem, by the way. "It behooves the person on the other side of the trade show booth to find out who you are," Fuld says.