AT&T Warns Staff of Hackers
Results 1 to 6 of 6

Thread: AT&T Warns Staff of Hackers

  1. #1

    Lightbulb AT&T Warns Staff of Hackers

    originally posted here.

    AT&T warns staff to be wary of hackers.

    AT&T has warned employees not to be tricked into surrendering sensitive information about its network to hackers posing as colleagues or customers this weekend, a spokeswoman said on Friday.

    The warning, sent in an e-mail to AT&T staff, came ahead of a major hackers convention in New York where some of the attendees plan to give a demonstration of "social engineering" techniques ways of getting information that can be used to break into computer networks from the people who run them.

    AT&T workers in past years were tricked into giving out sensitive information over the telephone to people pretending to be other employees or customers, according to the internal AT&T e-mail dated on Thursday.

    Recorded telephone calls based on those exchanges have been sold as instructional videos to would-be hackers at the HOPE (Hackers on Planet Earth) conference, the e-mail said.This year's conference, dubbed H2K2, started on Friday and runs through Sunday in New York City.

    "There is a very high likelihood that AT&T will be a target again" on Sunday afternoon, when a social engineering contest is scheduled, the e-mail said.

    "Remember, you do not want to be the lucky guest of honor on a telephone call from the hacker conference this weekend with thousands of hackers listening to you and attempting to scam AT&T out of proprietary information," the e-mail warned. "Please be on guard."

    Cindy Neale, a spokeswoman for New York-based AT&T, said it is not unusual for the company to send out such internal notices. On Friday, attendees of one conference session learned how to get access to telephone company caller ID systems. In front of a packed room of several hundred, a hacker calling himself "Lucky225" tricked several operators at Vancouver, British Columbia-based Telus, Canada's second largest telephone company, into giving him access to the network by saying simply, "I'm an engineer."

  2. #2
    Junior Member
    Join Date
    May 2002
    Posts
    4
    This just goes to show you stupid these AT&T morons really are. There company has to go around telling every employe not to give out vital information to some idiot you reads a few social enginering tutorials.

  3. #3
    Didn't Kevin Mitnik use these techniques often? I heard he was a champion social engineer (or bullshit artist:P)

  4. #4
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    Remember Help Desk = Cheat Sheet go from A to Z and all you need is a mailing addy to confirm the account, put oops I moved the info is not correct. Tech suppot is nothing more then someone ticking off do this and that ok it should work. Oh and the call center is in Flordia where most on-line real world scams come from. But hey Jeb is in charge and they even loose kids to boot. Reality hit's corp America they scam why don't they expect it? Nothing even social about it it's called minimum wage a job it's not secure why would these good people even care?
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  5. #5
    Senior Member
    Join Date
    Apr 2002
    Posts
    712
    Originally posted here by alittlebitnumb
    Didn't Kevin Mitnik use these techniques often? I heard he was a champion social engineer (or bullshit artist:P)
    Yes, Mitnick was a great social engineer... I think he's better know for that than his real technical "hacks" (many of which, I believe, weren't actually written by him).

    And Jinx, I have news for you... many large companies (namely ones with large IT organizations and dedicated security personnel) tend to send out occassional "social engineering warnings" and the like... I think this is primarily news worthy because the last time it happened to them it pretty much made the presses - pretty interesting to see some guy standing up in front of an audience, "social engineering his way in to a switch."

    Large companies have to disseminate information somehow... email or internal websites (or both) seem as good a means as any (though there's always some cute little helpdesk person that seemingly has nothing better to do than to spread the proprietary info around to places like www.****edcompany.com or the like).


    Personally, I say "good for AT&T" - and, if they have the balls to say "we're actually telling our employees this" than, well, more power to them. Though, I also think that makes them even more of a target...
    \"Windows has detected that a gnat has farted in the general vicinity. You must reboot for changes to take affect. Reboot now?\"

  6. #6
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    Point well taken Draziw, however I issue many internal warning on stuff and more then one time they are forwarded out of the company not a good thing really to do. Thing is how many people actually listen to it, well my best example is you know that vorus you warned about (Anna K) well I went to my web email and down-loaded it is that a problem? Followed by are my emails going to get to my friends. Me plug is pulled and the spool manually being deleted in mass. Users in fact do not listen to such warning and in most cases face no result from their actions. Was a human mistake "I'm sorry" issue the warning they did who listen's? Only takes one person to oops make a mistake. Security is a very hard issue in the real world only takes one idiot you have no control of nor will pay anything for being lame.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •