Let’s face it: Social engineering — attacking an organization through deception by “tricking” internal users into sharing inappropriate levels of access — isn’t a topic that comes up very much in most IT shops. This isn’t because social engineering is ineffective or because organizations aren’t susceptible to it. To the contrary: Although direct, quantifiable evidence about social engineering is difficult to come by, what statistics we do have suggest that success rates for social engineering attacks are disproportionately high.
Love the paper, rarely have I seen a social engineering talk that actually teaches me how to go about the process one this year at the IOActive suite at Blackhat did just that taught us how attackers are calling and what they do when doing social engineering engagements one of the gentlemen speaking, Mike Ridpath, is the leading expert in the world on Social engineering phone calls stepped live through his process when calling clients. I am hoping to fly him in for training our staff this is amazing stuff keep up the good work.
Loading ...
5 Things You Can Do Right Now to Boost Your Social Engineering Immunity
Posted by: Ed Moyle July 19, 2011 05:00 AMLet’s face it: Social engineering — attacking an organization through deception by “tricking” internal users into sharing inappropriate levels of access — isn’t a topic that comes up very much in most IT shops. This isn’t because social engineering is ineffective or because organizations aren’t susceptible to it. To the contrary: Although direct, quantifiable evidence about social engineering is difficult to come by, what statistics we do have suggest that success rates for social engineering attacks are disproportionately high.