An expert in the art of social engineering agrees that social media accounts like those scanned by Cerrudo are a gold mine.

"When I get hired to do a social engineering penetration test for a client the first thing we do is start gathering as much intel(ligence) as possible," said Chris Hadnagy, author of the book . "For calls and phishing emails nothing helps me more than finding social media accounts with lots of information on them."

Tools like the free and open source forensics tool Maltego allow anyone to link e-mail addresses with Twitter and other social networking accounts. Some tweaking and Googling turn up Facebook, LinkedIn and other accounts that divulge a wealth of information that can fuel attacks, Hadnagy said.

"I basically just look for schools, jobs, family, hobbies (and) personal interests and use that to craft my attacks," he said. "To date the success ratios for this method are very high."

Social engineering -- the art of human trickery -- is increasingly recognized as a key element in almost all successful cyber attacks. Hadnagy's firm, , now sponsors social engineering "" contests at Black Hat and other security shows, pitting contestants against prominent global corporations in search of "flags" - sensitive, but non-proprietary information.