One evening, during the graveyard shift, an AOL technical support operator took a call from a hacker. During the hour long conversation the hacker mentioned he had a car for sale. The technical support operator expressed an interest so the hacker sent him an e-mail with a photo of the car attached. When the operator opened the attachment it created a back door that opened a connection out of AOL's network, through the firewall, allowing the hacker full access to the entire internal network of AOL with very little effort on the hacker's part.
The above is a true story and it is an excellent example of one of the biggest threats to an organisation's security - social engineering. It has been described as people hacking and it generally means persuading someone inside a company to volunteer information or assistance.
Examples of techniques employed by hackers include:
Social engineering attacks can have devastating consequences for the businesses involved. Accounts can be lost, sensitive information can be compromised, competitive advantage can be wiped out and reputation can be destroyed.
By implementing some simple techniques you can reduce the risk of your organisation becoming a victim or, in the event that you are targeted, keep the consequences to a minimum.
Conduct regular audits, not only on IT systems but also on policies, procedures and personnel so that any potential weaknesses can be addressed as soon as possible.
About The Author
Rhona Aylward has extensive experience in the area of Quality Management and more recently in Information Security Management. She is a qualified Lead Auditor for BS7799 and CEO for Alpha Squared Solutions Ltd.
www.a2solutions.co.uk, raylward@a2solutions.co.uk
History and BackgroundThe virus was one of the first ever... Read More
Computer viruses infect millions of computers every day. Viruses can... Read More
Before you enter your name, address or any other data... Read More
Spyware is software or hardware installed on a computer without... Read More
This is the second in a series of articles highlighting... Read More
There are several basic concepts to keep in mind when... Read More
Long gone are the days that we could feel secure... Read More
Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names... Read More
The words Corporate Security may conjure up images of a... Read More
The Federal Bureau of Investigation has identified "phishing" as the... Read More
A week or so ago, I received an inquiry from... Read More
When surfing the Internet you probably take your anonymity for... Read More
Identity Theft and Your Personal Information -------------------------------------------- Identity theft is... Read More
Saturday, MasterCard blamed a vendor of ALL credit card providers... Read More
It's late. You've been scouring the web for that perfect... Read More
Phishing is the act of some individual sending an email... Read More
A couple of days ago, I was searching for a... Read More
With the Internet entering our lives in such an explosive... Read More
Having a good Spyware eliminator on your computer is vital... Read More
From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More
As soon as almost all computer users already got used... Read More
Afraid that someone is monitoring your PC or installed a... Read More
You may not realize it, but as you are surfing... Read More
The E-Mail Identity Theft Scam is running Rampant. These E-Mail... Read More
There has not been a time in the history of... Read More
If you have used a Windows machine for a while,... Read More
No auntie Sookie, not earth worms, computer virus worms that... Read More
The Loss Prevention Manager should be receptive to the needs... Read More
Millions of people make purchases online, but many people are... Read More
Spyware and adware are becoming major problems for online surfers... Read More
There you are busily typing away on your PC or... Read More
Fishing on the Internet has come a long way. However,... Read More
If you use emails actively in your communication, you must... Read More
Business on the internet is getting down right shameless. This... Read More
Having a good Spyware eliminator on your computer is vital... Read More
To blog or not to blog? Well, why not? Lots... Read More
Over the past few years as the internet has become... Read More
Is your enterprise following the rules?The bulk of financial information... Read More
A couple of days ago, I was searching for a... Read More
The internet is undoubtedly a fantastic resource for families and... Read More
Shopping for horse gifts or other gift items on the... Read More
Blaster, Welchia, Sobig, W32, Backdoor, Trojan, Melissa, Klez, Worm, Loveletter,... Read More
This is the second in a series of articles highlighting... Read More
Watching how the traditional media covers the latest virus or... Read More
Let us take the example of scrambling an egg. First,... Read More
This really chapped my lips...I recently bought a new computer.... Read More
Identity theft is one of the most common criminal acts... Read More
Nobody wants to pay to remove spyware. At the very... Read More
Computer security for most can be described in 2 words,... Read More
The words Corporate Security may conjure up images of a... Read More
|
|