Security Information |
|
Social Engineering: You Have Been A Victim
Monday morning, 6am; the electric rooster is telling you it's time to start a new work week. A shower, some coffee, and you're in the car and off. On the way to work you're thinking of all you need to accomplished this week. Then, on top of that there's the recent merger between your company and a competitor. One of your associates told you, you better be on your toes because rumors of layoffs are floating around. You arrive at the office and stop by the restroom to make sure you look your best. You straighten your tie, and turn to head to your cube when you notice, sitting on the back of the sink, is a CD-ROM. Someone must have left this behind by accident. You pick it up and notice there is a label on it. The label reads "2005 Financials & Layoff's". You get a sinking feeling in your stomach and hurry to your desk. It looks like your associate has good reasons for concern, and you're about to find out for your self. And The "Social Engineering" Game Is In Play: People Are The Easiest Target When Did I Become a Victim of Social Engineering? The spreadsheet you opened was not the only thing executing on your computer. The moment you open that file you caused a script to execute which installed a few files on your computer. Those files were designed to call home and make a connection to one of our servers on the Internet. Once the connection was made the software on our servers responded by pushing (or downloading) several software tools to your computer. Tools designed to give us complete control of your computer. Now we have a platform, inside your company's network, where we can continue to hack the network. And, we can do it from inside without even being there. This is what we call a 180 degree attack. Meaning, we did not have to defeat the security measures of your company's firewall from the Internet. You took care of that for us. Many organizations give their employees unfettered access (or impose limited control) to the Internet. Given this fact, we devised a method for attacking the network from within with the explicit purpose of gaining control of a computer on the private network. All we had to do is get someone inside to do it for us - Social Engineering! What would you have done if you found a CD with this type of information on it? What Does It Mean to Be "Human" This knowledge gives the social engineer the tools needed to entice another person to take a certain course of action. Because of human weaknesses, inability to properly assess certain risk, and need to believe most people are good, we are an easy target. In fact, chances are you have been a victim of social engineering many times during the course of your life. For instance, it is my opinion that peer pressure is a form of social engineering. Some of the best sales people I've known are very effective social engineers. Direct marketing can be considered a form of social engineering. How many times have you purchased something only to find out you really did not need it? Why did you purchase it? Because you were lead to believe you must. Conclusion The main thing to remember is to rely on common sense. If some one calls you asking for your login and password information and states they are from the technical department, do not give them the information. Even if the number on your phone display seems to be from within your company. I can't tell you how many times we have successfully used that technique. A good way of reducing your risk of becoming a victim of social engineering is to ask questions. Most hackers don't have time for this and will not consider someone who asks questions an easy target. About The Author
MORE RESOURCES:
'Blow the whistle': Indiana's top election official spends $35k on security guide mailings • Indiana Capital Chronicle Indiana Capital Chronicle Violence in New Caledonia subsides slightly as France sends reinforcements for security The Associated Press Canada security intelligence chief warns China can use TikTok to spy on users, CBC reports Reuters.com House Passes Israel Security Assistance Support Act | House Committee on Appropriations - Republicans House Appropriations Israel Resists Grand Bargain as U.S. and Saudis Work on Security Pact The New York Times U.S.-Ukraine Security Entanglement Risks Forever War The American Conservative Sean 'Diddy' Combs Allegedly Paid $50K to Obtain Hotel Security Footage of Cassie Assault: Lawsuit PEOPLE Women are worried about their financial security. That may affect the 2024 presidential election CNBC Palo Alto Networks and IBM to Jointly Provide AI-powered Security Offerings; IBM to Deliver Security Consulting ... IBM Newsroom Now armed with AI, America's adversaries will try to influence election, security officials warn The Associated Press Security video appears to show Sean 'Diddy' Combs beating singer Cassie in hotel hallway in 2016 Washington Times Nuclear security through the eyes of the Co-Presidents of ICONS 2024 International Atomic Energy Agency Appropriators Lead Israel Security Assistance Support Act | House Committee on Appropriations - Republicans House Appropriations Security footage calls into question Anchorage police account of fatal shooting Alaska Public Media News Security Council Secretary: 'Not an Inch of Armenian Land Ceded to Azerbaijan' • MassisPost Armenian News by MassisPost FCC proposes BGP security measures Network World New Survey Finds a Paradox of Confidence in Software Supply Chain Security Security Boulevard Identity Management and Information Security News for the Week of May 17; Exabeam, Saviynt, VAST Data, and More Solutions Review Canada Releases Defense Policy Update to Boost Security Department of Defense NATO and Economic Security: A Political Oxymoron or Inevitability? CSIS | Center for Strategic and International Studies EXCLUSIVE: Two students uncover security bug that could let millions do their laundry for free TechCrunch Endpoint Security and Network Monitoring News for the Week of May 17; Alkira, Preamble, c/side, and More Solutions Review Amazon security guard tries to kill unsuspecting boss before he's shot dead in gunfight with police: 'He almost executed me' New York Post RSA Conference 2024: AI and the Future Of Security Security Boulevard Diddy Seen Physically Assaulting Cassie in Never-Before-Seen 2016 Hotel Security Footage Entertainment Tonight Putin has ditched his paranoid security chief. Here are 5 of the wackiest things Nikolai Patrushev has said. POLITICO Europe 7 months since Oct 7, UN Security Council holds first meeting entirely dedicated to Israeli hostages in Gaza All Israel News Fox News Poll: Abortion, economy, and border security are top deal-breakers in 2024 elections Fox News See cops working security at Tacoma grocery stores? Here’s why and what policies allow Tacoma News Tribune OWASP dep-scan: Open-source security and risk audit tool Help Net Security Opinion | Is TikTok Chinese ownership a U.S. national security issue? Come on. - The Washington Post Opinion | Is TikTok Chinese ownership a U.S. national security issue? Come on. The Washington Post UN sexual violence envoy pulls out of Security Council briefing on Hamas hostages The Times of Israel May 17: IDF fighter jet carries out rare strike on target in West Bank city of Jenin The Times of Israel Votiro Keeps Up the Momentum in 2024 Security Boulevard Enabling Continuous Zero Trust in Multi-Cloud Environments with Netography Fusion Security Boulevard An inspector general warned the Justice Department of gaps in its security clearance appeals process Government Executive Multnomah County Signs $40 Million Contract for Armed and Unarmed Security at County Facilities, Including Public ... Willamette Week A Free, Prosperous, and Secure Future for Ukraine - United States Department of State Department of State America's Envoy to the United Nations Gets 'Honest' With Security Council About the Fate of Hamas's Hostages The New York Sun Cybersecurity Insights with Contrast CISO David Lindner | 5/17/24 Security Boulevard Brothers Indicted for Stealing $25 Million of Ethereum in 12 Seconds Security Boulevard The Dell API Breach: It could have been prevented Security Boulevard The situation concerning Iraq - Security Council, 9628th meeting Welcome to the United Nations Response to CISA Advisory (AA24-131A): #StopRansomware: Black Basta Security Boulevard USENIX Security ’23 – AEX-Notify: Thwarting Precise Single-Stepping Attacks Through Interrupt Aware... Security Boulevard 'Abnormal' security video, Google Drive led to Stephan Sterns' arrest in Madeline Soto case, documents show WKMG News 6 & ClickOrlando JLOTS, an obscure Army-Navy capability, arrives in Gaza NavyTimes.com Making Safety and Security Intrinsic to School Design Campus Security Today U.S. Security Cooperation with Ukraine - United States Department of State Department of State Donald Trump to visit St. Paul. What are the security expenses? St. Paul Pioneer Press Belgium cuts off ticket sales for soccer match against Israel over ‘security concerns’ The Times of Israel Security fog machine helps deter burglars from Chatsworth business FOX 11 Los Angeles Galaxy Tab S9 lineup gets Android's May 2024 security update SamMobile - Samsung news French security forces impose 'calmer' situation in New Caledonia under emergency powers FRANCE 24 English EAM to India Inc: Use 'national security filter' in China deals The Times of India In first, UN Security Council holds meeting solely focused on hostages held by Hamas The Times of Israel |
RELATED ARTICLES
Avoid Internet Theft, Fraud and Phishing Since its birth, the Internet has grown and expanded to unprecedented, unmanageable proportions. Information, software, news, and much more flow freely through its twisted pathways. Ransom Trojan Uses Cryptography for Malicious Purpose Every day millions of people go online to find information, to do business, to have a good time. Alas, some people go there to commit crimes as well. From Spyware with Love! It's late. You've been scouring the web for that perfect present for your Aunt Bess in Idaho. Preventing Online Identity Theft Identity theft is one of the most common criminal acts in society today. Criminals will use your personal information such as banking accounts and passwords, to pretend that they are you. 3 Pervasive Phishing Scams Scams involving email continue to plague consumers across America, indeed the world. These so called "phishing" scams involve "spoofed" emails meant to draw the unwary to bogus internet sites masquerading as legitimate sites. 8 Surefire Ways to Spot an E-Mail Identity Theft Scam! The E-Mail Identity Theft Scam is running Rampant. These E-Mail Scam artists will go to great lengths to Get Your Bank Account information and Steal your Identity. Adware and Spyware: The Problems and Their Solutions The Threat10 years ago you could probably have run no Internet security applications and still have come out after a browse of the Internet with a virus and malware free computer, but this situation is no longer apparent. Several years ago, before I knew of the dangers of the Internet, I had absolutely no spyware or adware protection. How To Clean the Spies In Your Computer? Manual Spy Bot Removal > BookedSpaceBookedSpace is an Internet Explorer Browser Helper Object used to show advertising.Free PC Health Check - find bad files fast! How many corrupt and redundant files are lurking inside your PC ready to cause harmful errors? Find these harmful "time-bomb" files instantly and keep your computer ERROR FREE 24 hours a day!VariantsBookedSpace/Remanent : early variant (around July 2003) with filename rem00001. Phishing and Pharming: Dangerous Scams As soon as almost all computer users already got used to -- or at least heard about -- the word "phishing", another somewhat confusing word appeared not long ago. Pharming. The Top Twelve Threats No Computer User Should Ignore The internet is undoubtedly a fantastic resource for families and offers a rich vein of educational content.However, there are potential dangers - welcome to the seedy world of viruses, spam, trojans, pornography, spyware and other nasties. Lets Talk About Antivirus Software! Nowadays more and more people are using a computer. A lot of them use it at their work place, but an increasing number of computer users have also discovered the need to have a computer at home. Secrets On Security: A Gentle Introduction To Cryptography Let us take the example of scrambling an egg. First, crack the shell, pour the contents into a bowl and beat the contents vigorously until you achieved the needed result - well, a scrambled egg. Instant Messaging - Expressway for Identity Theft, Trojan Horses, Viruses, and Worms Never before with Instant Messaging (IM) has a more vital warning been needed for current and potential IM buddies who chat on line.John Sakoda of IMlogic CTO and Vice President of Products stated that,"IM viruses and worms are growing exponentially. Firewalls: What They Are And Why You MUST Have One! A firewall is a system or gateway that prevents unauthorized access to your computer or private network. It is usually the first line of defense in protecting your private information or data. Identity Theft -- 10 Simple Ways to Protect Your Good Name! Identity Theft is one of the most serious problems facing Internet users. Identity Theft is exactly as the name states -- someone steals your Identity and commits fraud in your name. 40 Million People Hacked - YOU as Identity Theft Victim Saturday, MasterCard blamed a vendor of ALL credit cardproviders called CardSystems Solutions, Inc., a third-partyprocessor of payment card data, as the source of loss of 40million consumers credit card information. The Risk Of Electronic Fraud & Identity Theft Electronic Fraud and Identity Theft-----------------------------------Human beings are pretty sensible when presented with an imminent threat or risk. That is, if it's staring us directly in the face. Free Spyware Removal - Its Not As Easy As It Sounds Nobody wants to pay to remove spyware. At the very least, I don't. SPYWARE - Whos Watching Who? I am in the midst of Oscar Wilde's The Picture of Dorian Gray. "The basis of optimism is sheer terror. What Every Internet Marketer Should Know About Spyware If you run any type of Internet business, Adware and Spyware can be a very serious issue. These programs hide themselves on your computer and do all sorts of annoying and potentially dangerous things. |
home | site map |
© 2006 |