The Griffin team is looking for your ideas and comments. Join and show your support for Griffin.

Social Engineering

A secure system is as secure as the weakest part of the system. Companies spend a lot of money on computer systems, but mostly the security leaks come from people carelessly handling memory sticks or reading their email in places where other people can also read it. For me the social engineering part has always been the most interesting thing about these computer crimes.
Comments
For spyware injection, a good method is a CD or a thumbdrive with an autorun script that injects the files into the machine. Then all that's needed is inserting and removing a CD, or doing the same with a thumbdrive. Operation that takes just a few seconds and can be done by an unskilled person.
One last thing/scenario: "Evil maid attack":
Target leaves his/her laptop in a hotel room in good faith as its hard drive is encrypted. The hotel maid/cleaner comes and installs a password sniffer and comes back a couple of days later to collect the password and to steal the data:
http://theinvisiblethings.blogspot.com/2009/10/evil-maid-goes-after-truecrypt.html
In addition to just directly asking for the needed information (which works surprisingly well), one common approach for the attacker is to get his/her hands on the target's cell phone or computer "just to call/check something from the internet" and e.g.
- quickly scan for any sensitive documents
- use the device to get inside the protected perimeter: sending text, email, or calling from this "known number"
- using the open vpn connection to get to the intranet
- leaving some spyware behind to gather the needed information or other kind of malware to call home for establishing connection.
- installing an unsuspicious free internet utility "to help the guy", but one which has a known unpatched vulnerability, which the attacker can use to get in later on
I can also recommend reading the "The Art of Deception", a great introduction to the subject.
Some good concrete ideas might come from stories about penetration testing, i.e. the activity of testing a company's/product's security level by attacking it via social engineering and technical ways.
There was even an attempt at a TV series regarding pentesting, called "Tiger Team", but despite a good try it wasn't a success:
http://en.wikipedia.org/wiki/Tiger_Team_%28TV_series%29
Regarding social engineering, Kevin Mitnick's book "The Art of Deception" contains a nice set of examples.
http://en.wikipedia.org/wiki/The_Art_of_Deception
This data-in-images trick is called steganography.
http://en.wikipedia.org/wiki/Steganography
It can be used with images, with movies, with sound files. Uncompressed files are the best way. Discovering such hidden data then becomes an exercise in comparing probability distributions; preventing discovery then becomes the problem of mimicking the probability distribution of the original bits with the data-carrying bits.
A long time ago, in the '90s, when there was some talk about restricting public access to cryptography, I thought up such a scheme and called it "noise-level encoding". Abandoned it when I realized the state of the art is way more advanced.
A possible thing to do is taking the masters for a music CD, and using the least-significant bits of the tracks to encode data. Then press the CD and distribute it. Then, once it's widely available, release the information that the LSB stream contains interesting stuff.
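The comment above describes discovery as comparing probability distributions. As an added example (not part of the original thread), this Python sketch applies a chi-square test to the value pairs (2k, 2k+1) of 8-bit samples: data written into the least-significant bits tends to equalize the two counts in each pair. The function names, the threshold and the sample data are assumptions made for illustration.

```python
import random
from collections import Counter

def pair_chi_square(samples, min_count=5):
    """Chi-square statistic over the value pairs (2k, 2k+1) of 8-bit samples.

    Returns (chi2, pairs). Each pair contributes one degree of freedom, so a
    ratio chi2/pairs near 1 means the two values of a pair occur about equally
    often, which is what replacing the LSBs with payload bits produces.
    """
    hist = Counter(samples)
    chi2, pairs = 0.0, 0
    for even in range(0, 256, 2):
        h0, h1 = hist[even], hist[even + 1]
        if h0 + h1 < min_count:
            continue  # too few samples in this pair to say anything
        chi2 += (h0 - h1) ** 2 / (h0 + h1)
        pairs += 1
    return chi2, pairs

def lsb_equalized(samples, threshold=2.0):
    """True when the pair counts are suspiciously even (assumed threshold)."""
    chi2, pairs = pair_chi_square(samples)
    return pairs > 0 and chi2 / pairs < threshold

def make_samples(seed=1, n=20000):
    """Constructed test data, not a real recording or image.

    cover:   values whose even member of each pair is deliberately more
             common (about 80/20), standing in for an unmodified file.
    carrier: the same values with every LSB replaced by a pseudorandom bit,
             standing in for a file whose LSB plane carries a payload.
    """
    rng = random.Random(seed)
    cover = [2 * rng.randrange(100) + (rng.random() < 0.2) for _ in range(n)]
    carrier = [(s & ~1) | rng.getrandbits(1) for s in cover]
    return cover, carrier

if __name__ == "__main__":
    for name, data in zip(("cover", "carrier"), make_samples()):
        chi2, pairs = pair_chi_square(data)
        print(f"{name}: chi2/pairs = {chi2 / pairs:.2f}, flagged = {lsb_equalized(data)}")
```

A low ratio is only an indicator: a source whose pair counts are naturally even will also be flagged, so the result is a reason to look closer, not proof of hidden data.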
Great ideas! One social security-related episode would definitely be a good idea!
Not exactly connected to social engineering, but I read some years ago that terrorists could use graphics files, JPEG or some other pictures, to carry their messages almost open for everyone. The trick was that there was a system to embed the message in certain areas of the coding, in five-bit sequences for example. Only the terrorists themselves knew how to extract the messages from the JPEG pictures.
In this project worm that could be used: The connection to social engineering comes from the nature of the pictures. There could be for example some porn addict working in a company collecting pictures and then some computer criminal gets parts of his computer program code imported in that firm so that code is spread in different sets of pictures. The key program, "core", is a small set of instructions that comes in a USB memory stick's boot sector and when launched it constructs from the data extracted from the worker's picture collection a big computer program, the Worm...
Just some ideas for the plot.
http://www.chrissanders.org/?p=34
http://www.simplehelp.net/2008/08/12/how-to-embed-hidden-messages-in-picture-files-os-x/
Agree :D