I dont think we'll ever see the last of social engineering. Suckers are plentiful and scamming has become almost an art form.
Printable View
I dont think we'll ever see the last of social engineering. Suckers are plentiful and scamming has become almost an art form.
IMO i think people are ignorant to what really goes on in cyberspace most internet user's would never think twice if some one claiming to be tech support calls there home and asks for a user name and password there first instinct as a consumer would be to give up a user name and password so they know that the service they are paying for is working correctly.And with the release of Kevin Mitnick's book the art of deception every skiddie on the net probably has a copy and it doesent take a genius to phone some one up and ask for a username and pass all it takes is confidence if you go on the phone stuttering and stammering people would probably think twice before giving up the goods but its over a phone you dont need to see these people face to face (not unless there a witness against you in court :p) so IMHO i think social engineering will never die out untill the average every day internet user wise's up and gets a clue about what realy happens on the net
peace
always remeber this important rule..
the security chain is only as strong as the weakest link!
In most cases that weak link is indead between the monitor and the chair.. the opperator.
Today in any company nearly anyone has a (limited) account on some system.
Some of these people think that Word and Excell are the only apps on their computer and that outlook and internet explorer are the only two items that make up the internet..
When asked a series of questions of wich they can only answer about half. they will tell you there mother's maiden name...
And they didn't only lower the expectations, also the amount of knowlege needed to opperate the machine. And therefore the amount of security-awareness.Quote:
"Microsoft's biggest and most dangerous contribution to the software industry may be the degree to which it has lowered user expectations."
-ESTHER SCHINDLER, OS/2 Magazine
Security is about trust, and trust is generally considered the weakest link in the security chain.
some more on this
Granted that social engeneering goes far into other matters then just computers, but for computers itself, you all believe it'll never cease?
So basically, everyone here is confident that the world is still brewing with saps and no matter how much we educate the world, there will always be victims of social engeneering.
So the fact that Mitnick released a book on "The Art of Deception" won't wise people up?
Would you believe that people would learn after being a victim, or do you figure they'll be cautious for a few months and then drop their guard again?
I believe experience is a very good teacher...especially bad experience . Regarding whether or not victims will let their guard down -- I can only say I am constantly surprised by the ignorance of the masses. :rolleyes:Quote:
Would you believe that people would learn after being a victim, or do you figure they'll be cautious for a few months and then drop their guard again?
I would also agree that a bad experience is a very good teacher, however this is one type of bad experience that i would guess less than 1% of the worlds population has been faced with.
It is impossible to educate everyone enough on this subject. Too many people are just too stupid, not to mention there are so many different social engineering tactics that can be used. It is for exactly this same reason that telemarketing companies are so successful. Human nature is to believe almost anything once a certain level of trust is established, so the art of social engineering begins with establishing trust with the victim. As others have mentioned, Mitnick does a really outstanding job of portraying this in the "Art of Deception"
The human factor is and will always be the weakest link of security.
If that were the truth, there would never have been a WWII and Vietnam and Iraq, now would there, idle hope that in this ppl will all "wise up"..Quote:
won't wise people up
I think the worse is yet to come..
Did you know that half of the people in the world have a below average IQ *
As I stated in my first reply, more and more less educated people work with computers nowadays.
Also companies keep getting bigger and bigger, allowing for an "intruder" to slip in undetected.
Also all people have their weeknesses, you can't be good at evrything..
So all people are social engeneerable to an extent !!
If someone wants the information bad enough he or she will in the end get that information !
And if performed propperly even the people to experience it would not see (or feel) it as a bad experience and would not even know how and who did the trick !!Quote:
I would also agree that a bad experience is a very good teacher, however this is one type of bad experience that i would guess less than 1% of the worlds population has been faced with.
* spoiler: did you know that of the numbers 1 thrue 100 half are below the average (50) !!
People are so trustworthy. SE will never die as long as their are people.
Most don't belive it can happen to them or that's only in the movies.
To true Allenb1963, the two oldest professions in the world, prostitution & spying. Sorry mean social engineering!!!
You make a very good point
Al