background preloader

Social engineering (security)

Social engineering (security)
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. The term "social engineering" as an act of psychological manipulation is also associated with the social sciences, but its usage has caught on among computer and information security professionals.[1] All social engineering techniques are based on specific attributes of human decision-making known as cognitive biases.[2] These biases, sometimes called "bugs in the human hardware", are exploited in various combinations to create attack techniques, some of which are listed. The attacks used in social engineering can be used to steal employees' confidential information. Quid pro quo means something for something: U.S.

What is social engineering? - Definition from Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter. Why social engineering is performed Social engineering is a component of many -- if not most -- types of exploits. How social engineering is performed A social engineer runs what used to be called a "con game." How to counter social engineering Security awareness training can go a long way in preventing social engineering attacks. Examples of social engineering attacks Another aspect of social engineering relies on people's inability to keep up with a culture that relies heavily on information technology. Margaret Rouse asks: Prevention includes educating people about the value of information, training them to protect it and increasing people's awareness of how social engineers operate.

The man who 'nearly broke the internet' | Technology Sven Olaf Kamphuis, taken from his Facebook page. Photograph: Guardian The day Sven Olaf Kamphuis parked his huge orange Mercedes van with its German numberplates outside Bar Javis, in the Catalan town of Granollers, the owner's son snapped a picture with his mobile phone. "Not a lot happens in this street," Maria Cruz, the bar's owner, explained. "And it was so huge, with all those funny antennas and solar panels poking out of the roof, that it blocked the light to the bar." Even stranger was the 35-year-old Dutch man who parked it in this narrow street after renting a small attic flat with windows made of glass blocks in the poorer end of this nondescript town 15 miles from Barcelona. Even on hot early summer days, Kamphuis wore a woollen hat. Sven's van Kamphuis displayed a Napoleonic sense of grandeur. "The request to arrest him came from the Netherlands," said the police officer, who heads the cybercrime unit in Barcelona. Several other mysteries remain.

Money laundering Placing 'dirty' money in a service company, where it is layered with legitimate income, and then integrated into the flow of money is a common form of money laundering Money laundering is the process whereby the proceeds of crime are transformed into ostensibly legitimate money or other assets.[1] However in a number of legal and regulatory system the term money laundering has become conflated with other forms of financial crime, and sometimes used more generally to include misuse of the financial system, including terrorism financing, tax evasion and evading of international sanctions. Most anti-money laundering laws openly conflate money laundering (which is concerned with source of funds) with terrorism financing (which is concerned with destination of funds) when regulating the financial system.[2] Money obtained from certain crimes, such as extortion, insider trading, prostitution, drug trafficking, illegal gambling or tax evasion is "dirty". Methods[edit] Enforcement[edit]

Why the world’s technology giants are investing in Africa 14 October 2013Last updated at 19:00 ET By Fiona Graham Technology of business reporter, BBC News, Accra Young people gaining access to technology is key for Africa, tech companies say "I don't understand. Why is it that the media only seems to talk about Africa when bad things happen?" The man behind the counter at my hotel in the Ghanaian capital, Accra, was talking to me about my job, and why I was visiting. He looked genuinely pained. It's arguably a fair point. In fact, Africa is booming, with growth of 5.6% predicted for 2013, according to the World Bank - although research suggests this has yet to trickle down to the very poorest on the continent. The middle class in sub-Saharan Africa is expanding rapidly. So it's no surprise that the big technology companies are investing in Africa. Is it driven by philanthropy or a desire to get in on the ground before their competitors? Continue reading the main story “Start Quote End QuoteDr Kamal BhattacharyaIBM Research - Africa

40 maps that explain the world By Max Fisher By Max Fisher August 12, 2013 Maps can be a remarkably powerful tool for understanding the world and how it works, but they show only what you ask them to. So when we saw a post sweeping the Web titled "40 maps they didn't teach you in school," one of which happens to be a WorldViews original, I thought we might be able to contribute our own collection. Some of these are pretty nerdy, but I think they're no less fascinating and easily understandable. [Additional read: How Ukraine became Ukraine and 40 more maps that explain the world] Click to enlarge. OpenWay Group OpenWay is an international group of companies with over 10 years experience in developing and implementing innovative software solutions for the financial transaction processing and payment card business. Many of the world's leading banks and processing companies are use our WAY4 software. Our clients expect and receive high-speed flexible software. They appreciate our ability to understand their real business needs, implement the best solutions, and provide timely, competent customer support. Our team is always on the lookout for talented professionals to join us as we build client relationships, develop new products and expand into new markets. We create enterprise systems. Solid customers Challenging tasks Top-notch tools Modern platforms Competent colleagues High levels of responsibility We believe that people work most effectively when their job is interesting and intellectually stimulating We encourage self-starters and good organisers Business analysis and consulting System implementation

Rabies, a neglected, fatal disease - Gauteng THE STARDr Jacqueline Weyer of the National Institute for Communicable Diseases and Human Rabies in South Africa in a laboratory at her workplace in Sandringham, Joburg. Photo: Boxer Ngwenya Johannesburg - A child foaming at the mouth, holding on to bed rails while having a violent convulsion; a seemingly violent, delirious dog growling with saliva dripping from its sharpened teeth. This is the picture often used to illustrate one of the world’s most fatal diseases - rabies. In South Africa, up to 30 cases are confirmed each year. Speaking at a World Rabies Day symposium at the National Institute for Communicable Diseases (NICD) on Tuesday, researchers all echoed the same sentiment that what was needed was a shift to having more vaccinations and awareness education. Rabies is a zoonosis, meaning it can spread from animals to humans through exposure to saliva or nervous tissue from a rabid animal. “Rabies is a neglected disease. The Star

Информационный взрыв: как данные меняют технику, бизнес, науку и всё остальное «Работа биржевого детектива» — так назвал своё выступление на конференции Wired Business 2013 Эрик Хансейдер, возглавляющий компанию Nanex. Зачем на бирже понадобились детективы? Чтобы разобраться, чем в действительности занимаются неконтролируемые «роботы», которые захватили торги пять лет назад. По меньшей мере 70% сделок на американских биржах заключают автономные торговые программы. Компания Nanex записывает и анализирует котировки — и делает это со скоростью биржевых роботов. Работа «детектива» начинается, когда нужно понять, какие тайны прячутся в этих петабайтах. Лобовой подход тут не работает: данных слишком много. У Nanex свои методы, помогающие отличать шум от сигнала, выявлять скрытые закономерности в огромных массивах данных и представлять информацию в масштабе, доступном не только машинам, но и человеку. Взрывной рост количества данных происходит не только на биржах. Откуда берутся наводнившие мир данные? Возьмём, к примеру, машинный переводчик Google Translate.

Retail Banking One of the themes of my presentations of recent times is how technology has bridged the divide between work life and social life. This came up in force again, as we talked about the role of social media in finance at the Club this week. For the older generation, work was always a place you went to and, when you left, you closed the door and relaxed. There was no cross-over. Gradually thanks to email, the telephone and now the whole world of social media, these two separated planets have collided, merged and melded. It is the reason why we have social capitalism and the ability of anyone, anywhere to change anything.

Techniques Phishing is the method used to steal personal information through spamming or other deceptive means. There are a number of different phishing techniques used to obtain personal information from users. As technology becomes more advanced, the phishing techniques being used are also more advanced. To prevent Internet phishing, users should have knowledge of various types of phishing techniques and they should also be aware of anti-phishing techniques to protect themselves from getting phished. Email / Spam Phishers may send the same email to millions of users, requesting them to fill in personal details. Web Based Delivery Web based delivery is one of the most sophisticated phishing techniques. Instant Messaging Instant messaging is the method in which the user receives a message with a link directing them to a fake phishing website which has the same look and feel as the legitimate website. Trojan Hosts Link Manipulation Key Loggers Session Hacking System Reconfiguration Content Injection