Body language, gestures, and facial expressions can be analysed to identify attackers entering a premise to instal malicious hardware or software.

Social engineering experts Chris Hadnagy and Paul Kelly said malicious social engineers who attempt to compromise an organisation by physical intrusion may display discomfort such as crossing their arms, and show facial expressions that aren't in line with what they say.
But Kelly, who formerly served as a special agent in the US Secret Service for more than twenty years, explained that when verbal and nonverbal communication are contradictory it was dangerous to jump to the conclusion that someone is lying.
"Do not make a rush to judgement,” Kelly told delegates at the SC Congress. "Do not make a decision unless you have all the input."
He said “misattribution of emotion" was a "vulnerability in judgement”.
In order to mitigate socially engineered attacks, Hadnagy suggested that companies implement security awareness training and actionable policies at work, meaning enforcing rules that employees can realistically follow.
He also said that management should carry out regular tests that mimic real-life attack scenarios and response plans.