Weakest Link In The Information Security Awareness Chain?!?
- Date: 2007-01-20 - Word Count: 439
Share This!
Answer of this question is simple and incredible for many people ears... Weakest link in informations security awareness chain is PEOPLE!!! Why? Because we are people with human weaknesses and there are people who use that to get benefit.
Social engineering is the name given to a category of security attacks in which someone
manipulates others into revealing information that can be used to steal data, access to systems, access to cellular phones, money or identity. That's definition, but actually, social engineering is the acquisition of sensitive information or inappropriate access privileges by an outsider, based upon the building of an inappropriate trust relationship with insiders.
There are three aspects of social engineering:
* Different avenues of persuasion
* Perception that affect social interaction
* Techniques for persuasion and influence.
Social engineers use many different methods to get out information from peoples. To retrieve desired information they can use computer based methods - refers to software action or human based methods - that refers to person-to-person communication, sometime even both.
They can calling and pretend vice president or someone from tech support group, looking over a shoulder or even going through the trash. They can send you spam, chain letters and viruses and do much more to get necessary information!
Here is one example of social engineering prepares by Melissa Guenther, LLC. :
Mr.Smith: Hello?
Caller: Hello, Mr. Smith. This is Fred Jones in tech support. Due to some disk space constraints, we're going to be moving some user's home directories to another disk at 8:00 this evening. Your account will be part of this move, and will be unavailable temporarily.
Mr.Smith: Uh, okay. I'll be home by then, anyway.
Caller: Good. Be sure to log off before you leave. I just need to check a couple of things. What was your username again, smith?
Mr.Smith: Yes. It's smith. None of my files will be lost in the move, will they?
Caller: No sir. But I'll check your account just to make sure. What was the password on that account, so I can get in to check your files?
Mr.Smith: My password is tuesday, in lower case letters.
Caller: Okay, Mr. Smith, thank you for your help. I'll make sure to check you account and verify all the files are there.
Mr.Smith: Thank you. Bye.
From this conversation we can see how clever and east they cheat information, allow us thinking that we are useful!
Statistic said that, at the most risk to social engineering fraud is elderly, because they tend to be more trusting and less familiar with technology. But always there is possibility that everyone can become a victim of social engineer!
Because it is so important, make information security awareness training like a part of daily life!
Article source infosecuritylab
Social engineering is the name given to a category of security attacks in which someone
manipulates others into revealing information that can be used to steal data, access to systems, access to cellular phones, money or identity. That's definition, but actually, social engineering is the acquisition of sensitive information or inappropriate access privileges by an outsider, based upon the building of an inappropriate trust relationship with insiders.
There are three aspects of social engineering:
* Different avenues of persuasion
* Perception that affect social interaction
* Techniques for persuasion and influence.
Social engineers use many different methods to get out information from peoples. To retrieve desired information they can use computer based methods - refers to software action or human based methods - that refers to person-to-person communication, sometime even both.
They can calling and pretend vice president or someone from tech support group, looking over a shoulder or even going through the trash. They can send you spam, chain letters and viruses and do much more to get necessary information!
Here is one example of social engineering prepares by Melissa Guenther, LLC. :
Mr.Smith: Hello?
Caller: Hello, Mr. Smith. This is Fred Jones in tech support. Due to some disk space constraints, we're going to be moving some user's home directories to another disk at 8:00 this evening. Your account will be part of this move, and will be unavailable temporarily.
Mr.Smith: Uh, okay. I'll be home by then, anyway.
Caller: Good. Be sure to log off before you leave. I just need to check a couple of things. What was your username again, smith?
Mr.Smith: Yes. It's smith. None of my files will be lost in the move, will they?
Caller: No sir. But I'll check your account just to make sure. What was the password on that account, so I can get in to check your files?
Mr.Smith: My password is tuesday, in lower case letters.
Caller: Okay, Mr. Smith, thank you for your help. I'll make sure to check you account and verify all the files are there.
Mr.Smith: Thank you. Bye.
From this conversation we can see how clever and east they cheat information, allow us thinking that we are useful!
Statistic said that, at the most risk to social engineering fraud is elderly, because they tend to be more trusting and less familiar with technology. But always there is possibility that everyone can become a victim of social engineer!
Because it is so important, make information security awareness training like a part of daily life!
Article source infosecuritylab
Related Tags: information security awareness, infosecuritylab, palsit, information security awareness training
Your Article Search Directory : Find in Articles
Recent articles in this category:
- Improper Way Of Marketing Reflects Poorly On A Company.
New business, product or service everything requires visibility, awareness in order to come into the - Replacing Paper Prints With Online Versions
Nowadays saving out on resources and being additionally informative are both aspects that are in. In - Stop Smoking Effectively
If I told you of a way that you could stop smoking harmful tobacco would you believe it? Most people - What Is Runtime Error 182? And How To Fix It
Are you finding an effective way to fix runtime error 182? Do you think fixing runtime error 182 is - Do You Know How To Fix Runtime Error 87 In Minutes?
Are you finding an effective way to fix runtime error 87? Do you think fixing runtime error 87 is to - Knowledge About Avi, Avi Player, Avi Converter On Mac
Knowledge about AVI, AVI player, AVI Converter on MacWhat is an AVI?AVI, an acronym for Audio Video - Buy Your Highly Successful Email Survey Software Today
Email Survey Software- Boost Your Business and Increase ProfitsAn email survey software could be one - Xrm - The Anything Relationship Management Solution
I recently attended the Microsoft Dynamics West Region FY11 Sales Planning Retreat. This year's meet - What Are The Benefits Of Working With Electronic Medical Records
Recording medical information is a vital part of health care services. These records are necessary f - Basic Factor To Make Website Business Oriented
Internet is home for millions of websites. The online business is becoming more and more competitive
Most viewed articles in this category:
- Parental Control Software
Parental control software is software that can help parents protect their children when they are onl - Digital Asset Management Software
Managing and organizing your organization's documents is a critical component to your business's suc - AdobeRGB vs. sRGB
Understanding color spaces I'll try to explain it very simplified, but understandable for everyone - Confessions of a Prankster
I wanted to get a jump on April Fool's Day, partially because of the long, cold winter blues, and pa - Malicious Thoughts About The Spyware Ills Of My PC
Who would think I was capable of such revengeful thoughts about the parties responsible for inflicti - Recover File and Recover Deleted File Tools
Data recovery software is a very effective way of retrieving data from a worn or damaged hard disk d - Life without Windows
Ubuntu, a user-friendly version of Linux, has been running so nicely on my home PC that I decided to - What Benefit Does an Online Software Download Site Offer You?
Are you having a problem that where you find a good softeware when you consider to have a try or wan - Maintaining A Website
There was an era when people were talking about how to create a website using html coding or some ea - Benefits Of Proper Time Tracking
Have you ever written down time when you have started and finished your work? Maybe you have had mul