The Ultimate HeistTime Magazine: Monday November

20th, 1978

Stanley Mark Rifkin

Security: Fact or Fiction?

Just Ask!

THE DIRECT ATTACK:

PHONY SITES AND DANGEROUS ATTACHMENTS

www.paypai.com

www.paypal.com

www.paypa1.coma

SIX TENDENCIES SOCIAL ENGINEERS RELY ON

•Authority•Liking•Reciprocation•Consistency•Social validation•Scarcity

SECURITY IS NOT A PRODUCT; IT IS A PROCESS

The reminders must be as well

THE THREAT IS CONSTANT

COMMON SOCIAL ENGINEERING METHODS• Posting as employee of vendor

• Posing as someone in authority

• Sending a virus in an email

• False pop-up Windows

FACTORS THAT MAKE COMPANIES MORE VULNERABLE TO ATTACKS• Large number of employees

• Multiple facilities

• Information on employee whereabouts left in voice mail messages

• Phone extension information made available

• Lack of security training

• Lack of data classification system

• No incident reporting/response plan in place

WARNING SIGNS OF AN ATTACK