This may be a stretch, but as I read this chapter I could not stop thinking about the BB bandits in town. They have been hitting cars at night with bb guns and breaking out the windows. Over 70 cars were hit in only three nights. You may have noticed the glass piles on Dewy street. They were not stealing anything, only doing it for fun or just because they could. The police department stated that they were choosing lightly traveled roads with easy access. This seems like the same approach as the social engineers in chapter three. Most of the information obtained was over the phone, which is a very easy way out.
Protection from this type of attack is to be more skeptical and require verification. People that get irritated with having to prove who they are, are probably up to no good. I recall this from bar tending. It was paramount that we checked IDs. We could lose our jobs and be fined. Neither of which was a fun prospect in college. The people that rose a stink about showing you and ID were either European or under aged.
It occurred to me that not only is there a plethora of information out there for the attacker, but the general public as well. Too many times people take for granted the information that they can obtain if they just asked the right questions to the right people. This kind of information could be very valuable to both your firm or to yourself.
Subscribe to:
Post Comments (Atom)
3 comments:
hmm i didnt even know about the BB bandits. Kinda makes me laugh a little even though it is terrible of me. I would have never made the connection between that and social engineering but i can see what you mean now.
That got me thinking when you said that the only people that would raise a stink when you asked to check thier IDs were foreigners or underage. I bet a lot of times when social engineers get their information, it's because they raise a stink when someone does ask for ID or information, and the person probably just folds. Not back down in key.
I hadn't heard about the BB bandits either, however, I did notice some of the broken glass. Thus far in the book, it doesn't seem that the social engineers make a big deal if someone asks for ID. They come prepared with so much information and drop names that people don't even ask for ID.
Post a Comment