A social engineering attack is a continuous process that starts with initial research, which is the starting phase, until its completion, when the social engineer ends the conversation. The conversation is a brief coverage of the four phases that the social engineer follows to perform an attack.
In the research phase, the attacker tries to gather information about the target company. The information about the target can be collected from various resources and means, such as dumpster diving, the company's website, public documents, physical interactions, and so on. Research is necessary when targeting a single user.
In this phase the attacker makes the initial move by trying to start a conversation with the selected target after the completion of the research phase.