How Many of us work in a hectic, stressed environment- where deadlines and bottom-lines rule your workweek? In the course of a day, How many idiotic requests do you get to do seemly mundane chores? How Often has this happened?
You: {Bored and Seeking an excuse to take a break}
Phone Repairman: "Hi, Coorporate sent me over to do some work on your Phoneline"
You: "Oh, Alright- About How Long Will it take?"
PR: "Ten Minutes, Twenty Tops- I have some other stuff to do- so if your busy I can come back during lunch"
You: "Alright, Thanks!"
What happened here? You just gave a rival company full access to your office!
You: But he can't do anything! He doesn't Have My Password!
Me: *Hits You in the Head*
Lets go through this- He could (in Ten Minutes)
A. Steal A Hard Drive
B. Install a Hardware Keylogger
In twenty Minutes
A. Do a Stealth Boot Onto Your Computer
B. Install Software Keylogger and Screen Capture Device
C. Comb through trade secret documents, and walk out with them unquestioned.
D. Confiscate Hidden Bank documents, Client Credit cards, Even Blackmail.
Would You Give A Thief A Key? Would You Give a Murderer A Knife?
Would You Give A Meth Addict A Pipe?
You wouldn't do it with a Hacker either, 10% of Hacking is Intelligence: 89% is Persistence: And 1% Is Technological Prowess.
Hackers won't be the typical grungy teen whilst looking for information:
When in doubt, the best way to obtain information in a social engineering attack is just to be friendly. The idea here is that the average user wants to believe the colleague on the phone and wants to help, so the hacker really only needs to be basically believable. Beyond that, most employees respond in kind, especially to women. Slight flattery or flirtation might even help soften up the target employee to co-operate further, but the smart hacker knows when to stop pulling out information, just before the employee suspects anything odd. A smile, if in person, or a simple “thank you” clenches the deal. And if that’s not enough, the new user routine often works too: “I’m confused, (batting eyelashes) can you help me?”
Need More Info/ Training?
Let Me Secure Your Network!
Gillis57@gmail.com
Or, If for some god-awful reason you actually want to know what I'm doing
twitter.com/Gillis57
gillis57.googlepages.com
-
No comments:
Post a Comment