ITBusinessEdge: Security 101 – Beware Of Social Engineering Exploits
Paul Mah says social engineering – fraudsters and hackers using trickery to get information from individuals that they can later use in hacking – is on the increase, and suggests what SMBs should do about it.
“Security and data breaches are hardly new, and if recent news reports are anything to go by, they have picked up recently. Having read about the stories with interest, as well as reporting on some of the cases, I cannot help but notice the social engineering angle inherent in many of them.
Take the case of the ex-Gucci network engineer who was alleged to have accessed his former company’s network without authorization. The crux of the illicit access appears to revolve around how the man tricked the IT department into activating a stolen VPN token device. According to the statement from the district attorney’s office, this opened the way for him to gain remote access via the VPN gateway and subsequently sabotage the network using his knowledge of administrator-level passwords.”