[Nulled] » Information security » Social Engineering » 💬 true story... Social Engineering.
January 20 2023

💬 true story... Social Engineering.

💬 true story... Social Engineering.

The question is not "Will you be hacked or not?", but "How quickly can you find out that you have already been hacked?!"

• It happens that one firm is hired to check the quality of work of another. When it comes to social engineering, this is a particularly relevant practice.

• The founder of The Security Awareness company, Wynn Schwartau, has been engaged in auditing for more than 25 years. They usually come to him for an expert assessment of the measures already taken to strengthen security. He was once asked to do this for a major financial institution in New York. The fact is that the bank's employees were just scared by previous auditors who found a ton of problems. For a whole month, the entire staff was instructed in intensive trainings. Employees have become real paranoids: they do not open suspicious emails, do not follow phishing links, do not pick up flash drives, do not disclose anything over the phone and strictly follow official instructions.

"Yes, these are perfect victims!" thought Schwartau and got to work. He copied a sample of the business letter header from the company's website, took some of the employees' regular mail addresses there, and learned the rest from reference books. Together with his assistants, Shvartau compiled about 1,200 personally addressed paper letters, printed them on homemade letterheads of the organization being checked and sent them in the old grandfather's way.

• Each letter stated that their company's reputation had recently suffered greatly due to the actions of individual employees who neglected basic security measures. The leadership cannot allow new punctures, so it is taking unprecedented measures.

• Then, to lull vigilance, a detailed plan followed with an abundance of technical terms that an office employee is unlikely to be able to understand. Then there was a standard request to inform about all suspicious actions. At the end of the letter, it was said that IT is now required to communicate with the IT department and the security service only through physical mail, since this is the only communication channel inaccessible to hackers.

• P.S: the specified address does not belong to the company, so that no one can calculate and intercept these letters. "We will put them in a securely guarded mailbox, which only the management and the security service will have access to," the letter said. — "Right now you should send your credentials so that we can check them manually and complete the system update." 30% of employees responded the very next day, specifying all their data in the letter. Not a single training helped them understand that even in the 21st century, a hacker can send a letter on paper.

• Conclusion: No matter how long and carefully the organization trains people, no matter what administrative and technical measures it takes, it will never reach 100% security. Any high safety indicators are only a temporary effect. People draw certain conclusions, become more cautious, but they cannot effectively resist the properties of their nature. Every time they are faced with the need to make an urgent decision, experiencing a thirst for easy money or fear of anything, they make themselves and their company vulnerable

Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

This publication has no comments yet. You can be the first!

Information the publication:

  • Author of the publication: web3
  • Date of publication: 20 January 2023 13:43
  • Publication category(s): Information security»,Social Engineering
  • Number of views of the publication: 180
  • Number of comments to the publication: 0

Related News

20 January 2023
Social Engineering
💬 true story... Social

💬 true story... Social Engineering. • Technical security measures practically do not reduce the risks from attacks

Read more
20 January 2023
Social Engineering
Social Engineering ​💬

Social Engineering ​💬 true story... 🖖🏻 Greetings to you user_name. • Today I want to share with you an interesting

Read more
20 January 2023
Social Engineering
💬 true story from Group

💬 true story from Group IB. Social Engineering. The main component of phishing is that this method of attack

Read more
20 January 2023
Social Engineering
💬 true story... Social

💬 true story... Social Engineering. • Today we are talking about social engineering, namely the hacking of the

Read more
20 January 2023
Social Engineering
💬 true story from Group

💬 true story from Group IB. Social Engineering. • Today I have prepared for you another and interesting story from

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    December 2024    »
MonTueWedThuFriSatSun
 1
2345678
9101112131415
16171819202122
23242526272829
3031 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +37 Total articles 6747
  • +17 Comments 4132
  • +29 Users : 5932