Security Basics mailing list archives
Steps to avoid Social Engineering
From: Tabs The Cat <tabsthecat () gmail com>
Date: Mon, 18 Apr 2005 14:39:07 -0400
Hello y'all,
I have a question for you guys (and gals). We all know about social
engineering. Some of us use it on a daily basis. And we all know how
it can be even more dangerous than any computerized attacks, but how
can we protect against it?
I'll give you an example: we have a database based program that
was written by and maintained by a third party that is in another
city. In the past when they needed access for maintenance, we would
provide them it via VPN. Recently there has been a problem so they
were contacted. Earlier today someone from that company phoned me to
discuss details about the VPN. I haven't given them any information
yet. In this case I am fairly positive it is legit since they knew the
company that we use as well as who lodged the complaint.
But how could I get this person (or any one in the future) prove
to me that they are the people who are they say they are? Any advice?
Tabs
Current thread:
- Steps to avoid Social Engineering Tabs The Cat (Apr 18)
- Re: Steps to avoid Social Engineering Cd Pirate (Apr 19)
- Re: Steps to avoid Social Engineering Micheal Espinola Jr (Apr 20)
- Re: Steps to avoid Social Engineering Dave Peters (Apr 21)
- RE: Steps to avoid Social Engineering J B (Apr 19)
- Re: Steps to avoid Social Engineering T. Shannon Gilvary (Apr 19)
- Re: Steps to avoid Social Engineering David Roman Esteban (Apr 19)
- RE: Steps to avoid Social Engineering David (Apr 19)
- Re: Steps to avoid Social Engineering Times Enemy (Apr 20)
- RE: Steps to avoid Social Engineering Aruna (Apr 19)
- RE: Steps to avoid Social Engineering Patoff Pat-EtHiQ (Apr 19)
(Thread continues...)
- Re: Steps to avoid Social Engineering Cd Pirate (Apr 19)