The Art of Social Engineering*
-
date post
21-Oct-2014 -
Category
Technology
-
view
634 -
download
4
description
Transcript of The Art of Social Engineering*
The Ultimate HeistTime Magazine: Monday November
20th, 1978
Stanley Mark Rifkin
Security: Fact or Fiction?
Just Ask!
THE DIRECT ATTACK:
PHONY SITES AND DANGEROUS ATTACHMENTS
www.paypai.com
www.paypal.com
www.paypa1.coma
SIX TENDENCIES SOCIAL ENGINEERS RELY ON
•Authority•Liking•Reciprocation•Consistency•Social validation•Scarcity
SECURITY IS NOT A PRODUCT; IT IS A PROCESS
The reminders must be as well
THE THREAT IS CONSTANT
COMMON SOCIAL ENGINEERING METHODS• Posting as employee of vendor
• Posing as someone in authority
• Sending a virus in an email
• False pop-up Windows
FACTORS THAT MAKE COMPANIES MORE VULNERABLE TO ATTACKS• Large number of employees
• Multiple facilities
• Information on employee whereabouts left in voice mail messages
• Phone extension information made available
• Lack of security training
• Lack of data classification system
• No incident reporting/response plan in place
WARNING SIGNS OF AN ATTACK