Posts Tagged ‘social engineering’

Show “Home Alone” To Raise Social Engineering Awareness

Saturday, November 24th, 2007

I hope those of you who celebrated Thanksgiving had a great one! I spent a very nice day with my family at my brother’s house. After getting back home we decided to watch some Christmas movies, so we spent the evening watching one of my very favorites, “A Christmas Story” and then “Home Alone.”


07/07/07! Lucky for Cybercriminals?

Saturday, July 7th, 2007

I’ve always been fascinated with numbers. Math has always been fun, and one of my degrees is in math. I’ve never really studied numerology, but today’s date, 07/07/07, only happens once each century, and it is interesting to see how many people are celebrating it in various ways.


New Social Engineering Scheme Targets Military Families

Monday, June 25th, 2007

Every week…sometimes daily…it seems there is a new type of social engineering attack targeting specific groups. The social engineering fraudsters are pretty creative and many adept at exploiting the vulnerabilities and weaknesses of these groups. They use face-to-face methods, phone calls, email messages, faxes, and any other communication path that could take them to a willing victim.


Social Engineering & the Need for Awareness & Training: Fraudsters Are Calling Businesses Pretending to Be SEC Staff Members

Monday, May 14th, 2007

Another example of a social engineering scam, and another example of why awareness and training are so important for safeguarding information…
On May 10th the U.S. Securities and Exchange Commission (SEC) issued a press release warning that imposters were calling companies, claiming to be SEC examiners, and demanding “immediate access to confidential records.”


Information Security & Privacy Awareness: Engage Personnel In Thinking About the Issues To Improve Security and Privacy

Saturday, May 12th, 2007

It really bothers me when so-called information security and privacy “experts” make statements that awareness activities have no impact. They base their opinions on measurements that could very well be, and likely are, unrelated to each other. Last year a study was presented in Europe claiming awareness activities has no impact on security.


Keyloggers + Social Engineering = Identity Theft: Fraudsters Exploit Human Frailties with Seductive Messages

Friday, April 27th, 2007

Fraudsters and cybercriminals continue to find creative ways to exploit technology and human weakness to facilitate their crimes. Another new exploit they are using is hijacking popular Google search terms, typically targeting bank sites, and then inserting HTML into the legitimate response pages to get end-users to provide personally identifiable information (PII), typically website user IDs and passwords, often in conjunction with keyloggers they download to the victims’ computers.


Awareness and Training Example: Privacy Impacts Throughout the Day

Tuesday, January 16th, 2007

There was a very interesting article in the Washington Post today, “Enjoying Technology’s Conveniences But Not Escaping Its Watchful Eyes
This documentary of the day in the life of a woman shows how privacy issues are encountered throughout the day, and how virtually all of us leave a bit of ourselves, and along with it our privacy, whenever we get online, make purchases from stores, make phone calls, or do any number of things in virtually any place.


Data Mining Doesn’t Always Pay: $1.135 Million Judgment

Thursday, November 30th, 2006

On November 29 Judge Clarence Cooper of Atlanta’s U.S. District Court ordered that Tamarac, Fla.-based 1st Source Information Specialists Inc. and company principals Kenneth W. Gorman and Steven Schwartz disgorge all profits and pay Cingular Wireless compensatory and punitive damages and attorney fees totaling $1,135,000.
1st Source was harvesting cell phone numbers from web sites and doing reverse lookups for cellphone numbers and selling the information to other businesss for $110 to $195. To make things worse they were also selling records of the calls made from specific cell phone numbers; an additional huge invasion of privacy.