background preloader

Social Engineering

Facebook Twitter

Social Engineering Fundamentals, Part I: Hacker Tactics. Social engineering: 3 examples of human hacking. Chris Hadnagy gets paid to fool people, and he's gotten pretty good at it over the years. A co-founder of social-engineering.org and author of Social Engineering: The Art of Human Hacking, Hadnagy has been using manipulation tactics for more than a decade to show clients how criminals get inside information. Hadnagy outlines three memorable stories of social engineering tests that he's included in his new book (you can also read a short excerpt), and points out what organizations can learn from these results.

The Overconfident CEO In one case study, Hadnagy outlines how he was hired as an SE auditor to gain access to the servers of a printing company which had some proprietary processes and vendors that competitors were after. In a phone meeting with Hadnagy's business partner, the CEO informed him that "hacking him would be next to impossible" because he "guarded his secrets with his life. " Also see Social engineering: The basics Armed with the information, he was ready to strike. What is Social Engineering? Examples of Attacks. Always look a gift 'Trojan' horse in the mouth. You are here: Home | | Always look a gift 'Trojan' horse in the mouth Friday August 2nd 2013 Health, Beauty and Pharmacy Loss Prevention Forum warns retailers about bogus purchase orders and invoice scam.

British retailers caught up in an international ‘trojan horse’ invoice scam worth hundreds of thousands of pounds should report the sting to police and Action Fraud in the UK and not respond to threatening payment demand emails from suppliers who have shipped goods to bogus addresses. This is the warning to the High Street from the Health, Beauty and Pharmacy Loss Prevention Forum, one of 11 sector-specific Retail Loss Prevention Forums facilitated by ORIS Forums that represent many of the world’s biggest brands who have been impacted by the scam where their identities are falsely used to procure goods. To the untrained eye, the orders look genuine and suppliers are shipping the goods to addresses in the UK. Add a comment Tagged as: invoce | scam | suppliers | oris | holland & barrett. Anti-virus rants: what is social engineering? Social engineering is the process by which an attacker exploits the social needs and/or desires of people and their behaviours in response to those needs and/or desires in order to engineer an outcome that is favourable to him/her... basically it's tricking people into doing what you want them to do... a perfect example of this is the vbs/loveletter email worm... it exploited people's need to feel wanted and loved in order to get them to execute the worm... by trying to open what they thought was a message from a secret admirer, they would inadvertently execute the worm which would then send it's false promise of love to others... this is used a great deal in malware - so much so that these days a piece of malware's success in the wild could be considered to depend more on how good it's author is at social engineering than on how good it's author is at programming... back to index.