This method of information gathering is the simplest of them all and it is still being used. It is where a social engineer looks over the shoulder of a target to gather information of whatever they are reading or typing on their computational devices:
Typically, the social engineer will be able to see passwords, confidential data, plain text credentials, and other types of sensitive information that a target will be accessing. It is done anywhere that people use their computers, especially in coffee shops, airports, public parks, and even restaurants.
An example of shoulder surfing is shown in the following image: