Technology continues to advance, security tools continue to emerge, but the good ‘ol tried and true social engineering exploit is still as effective as it ever was. I found an article published today, "Hook, line and sinker," very interesting. It describes how computer-based attacks, such as phishing exploits, are being combined with social engineering.
There are some good stories within this article to not only help demonstrate the need for a comprehensive information security and privacy training and awareness program that includes information on identifying and not falling victim to social engineering attacks, but they could also be used within your training and awareness efforts.
Technorati Tags
information security
IT compliance
corporate governance
awareness and training
cybercrime
social engineering
privacy