Skip to content

toolbox > whitepapers

May 11, 2009

An overview of social engineering

Old-fashioned cons are still a popular threat

From Colin Greenlees, Siemens Enterprise Communications Limited

A Siemens security consultant targeted a FTSE listed financial services firm for a week to see what level of access to information he could achieve using social engineering tactics.

Social engineering is a form of the old fashioned confidence trick in that it is principally concerned with manipulating people into performing actions or divulging confidential information that they would not normally reveal.

Hi-tech protection systems are completely ineffectual against such attacks. Most employees are unaware that they have been manipulated.

The sign of a truly successful social engineer is that they receive information without raising any suspicion as to what they are doing, quietly slipping away once they have the information they need.


NOTE: You must be a registered site user to access this white paper. Please login below or register for the site, and you will be able to access the white paper. Registration is FREE - all you need to do is complete the registration process and hit the REGISTER ME button. Use the password reminder facility to remind you of your password.

*
*

- Forgotten your password?
- Forgotten your username or need your account confirmation email resent?

WHITE PAPERS

  • Legal risks: Employee use of the internet and email
    Exploring the challenges facing IT Mangers today and vital steps to ensure safe internet an email use by employees.
  • Phishing for victims
    This White Paper examines the phenomenon of phishing. It explains the potentially catastrophic threat it presents to all kinds of organisation. Exploding some widespread myths, it lights up the murky waters where phishing first emerged and where it continues to evolve. But it also highlights what your business can do to blunt the threat.
  • Challenges and opportunities of PCI
    The control framework implicit in the Payment Card Industry Data Security Standard (PCI DSS) provides an enterprise structure for improving operational, security, and audit performance.
  • Social CRM comes of age
    Who is this “social customer”? What strategies and tools does the new breed of CRM provide to do something about this?
  • Risk Management: Protect and Maximize Stakeholder Value
    What has held organisations back from a broader adoption of risk management programs?
*