Items Tagged with "Social Engineering"
November 01, 2010 Added by:Christopher Burgess
Ever opened your email inbox and seen a request to assist a fledgling company with their accounts receivables for a percentage of each transaction? These offers may be seen as a way to bring a few extra dollars, but they may be a front for any number of organized criminal entities...
October 25, 2010 Added by:PCI Guru
As I constantly like to remind everyone, security is not perfect. Social engineering is one of the most insidious attack techniques around. Unfortunately, organizations do little to address social engineering and have only made social engineering easier over the years...
September 24, 2010 Added by:Katie Weaver-Johnson
In a recent incident, a man called a 24-hour Wal-Mart in Ohio and explained to an associate that he was with Wal-Mart’s IT department and needed the associate to activate several gift cards, read to him the card numbers and then provide the authorization codes from the back of the cards...
September 10, 2010 Added by:Sean Inman
There are many ways that a perpetrator may prey on the trusting human nature to gain access to information or systems. Here are several examples of social engineering methods, along with suggestions to minimize the likelihood that such methods will be successful...
September 09, 2010 Added by:Robert Siciliano
Recognize that while you are generally not being swindled by those who call you, there is a chance that you may be. This means having systems in place regarding what can be said to whom, when, and why. Training on social engineering and how to prevent it is a must for any company...
August 30, 2010 Added by:Sean Inman
Like fraudsters generally, social engineers take advantage of human gullibility. In a corporate context, social engineering is a factor in many information security incidents, including those perpetrated by insiders...
August 05, 2010 Added by:Katie Weaver-Johnson
With just two phone calls, a hacker posing as a Louisiana-based employee handling claims involving the Gulf oil spill was able to trick a computer support employee at BP into divulging sensitive information that could have proved crucial in launching a network attack...
July 13, 2010 Added by:Robert Siciliano
Defcon is known for its antics but it’s also an event where hackers of all flavors improve their skills. The game they are playing this year is a social engineering fun-o-rama called Social Engineering CTF, referencing the game Capture the Flag...
June 29, 2010 Added by:Dan Dieterle
People do not understand how dangerous it is to click on unknown links in an e-mail or even on a website. Hackers will disguise their malware shell and make it look very appealing. Be it a video codex that you must install to watch a video that you really want to watch or even a webpage that tells you that you have a virus and you must install and run the latest online anti-virus scanner to remove...
May 19, 2010 Added by:Robert Siciliano
The Anti Phishing Working Group published a new report seeking to understand such trends by quantifying the scope of the global phishing problem, especially by examining domain name usage and phishing site uptimes. Phishing has always been attractive to criminals because it has low start-up costs and few barriers to entry.
February 28, 2010 Added by:Wayde York
What does our enterprise information have in common with President Obama and Vice President Biden? The need for constant protection. Your enterprise data needs protection from the host of technical and human threats that seem to evolve daily. The President and Vice President require the same protection, albeit amplified due to their position in the world power scheme.
December 30, 2009 Added by:Fred Williams
I previously listed ways to gain valuable information on hacking targets using little work and no dumpster diving. The previous post was geared towards attacks computer systems but not human targets.What is a little more interesting is attacking specific people. This is one of the key issues behind Facebook' recent privacy issues. Never mind a user setting a "privacy filter" ...
From the Web
December 09, 2009 from: Office of Inadequate Security
The latest in the Data Breach Investigations Report series by Verizon Business security experts provides enterprises with an unprecedented look at the 15 most common security attacks and how they typically unfold.
From the Web
October 26, 2009 from: hackyourself.net
A simple but effective call spoofing technique has hit the main stream. Former high profile Dolce & Gabbana publicist Ali Wise used a phone call spoofing service called SpoofCard to listen to her ex-boyfriend's voicemails. The service hides the phone number you're calling fro...