Security Basics mailing list archives
Re: Steps to avoid Social Engineering
From: Alvaro Prieto <alvaro () apg88 com>
Date: Tue, 19 Apr 2005 18:17:58 -0400
Tabs,I would highly reccommend you read Kevin Mitnick's "The Art of Deception" http://www.amazon.com/exec/obidos/tg/detail/-/0471237124/104-6364757-6014360?v=glance
It talks about many different ways a social engineer can deceive you and your company, but most importantly it has a few chapters on how to implement security and training in order to prevent these sorts of attacks.
It talks about caller-id spoofing, dumpster diving, and many other subjects. I hope this helps, Alvaro Tabs The Cat wrote:
Hello y'all, I have a question for you guys (and gals). We all know about social engineering. Some of us use it on a daily basis. And we all know how it can be even more dangerous than any computerized attacks, but how can we protect against it? I'll give you an example: we have a database based program that was written by and maintained by a third party that is in another city. In the past when they needed access for maintenance, we would provide them it via VPN. Recently there has been a problem so they were contacted. Earlier today someone from that company phoned me to discuss details about the VPN. I haven't given them any information yet. In this case I am fairly positive it is legit since they knew the company that we use as well as who lodged the complaint. But how could I get this person (or any one in the future) prove to me that they are the people who are they say they are? Any advice? Tabs
Current thread:
- RE: Steps to avoid Social Engineering, (continued)
- RE: Steps to avoid Social Engineering J B (Apr 19)
- Re: Steps to avoid Social Engineering T. Shannon Gilvary (Apr 19)
- Re: Steps to avoid Social Engineering David Roman Esteban (Apr 19)
- RE: Steps to avoid Social Engineering David (Apr 19)
- Re: Steps to avoid Social Engineering Times Enemy (Apr 20)
- RE: Steps to avoid Social Engineering Aruna (Apr 19)
- RE: Steps to avoid Social Engineering Patoff Pat-EtHiQ (Apr 19)
- RE: Steps to avoid Social Engineering Yashodhan Deshpande (Apr 20)
- RE: Steps to avoid Social Engineering Matt Cunnane (Apr 19)
- Re: Steps to avoid Social Engineering Raoul Armfield (Apr 20)
- Re: Steps to avoid Social Engineering Alvaro Prieto (Apr 20)
- RE: Steps to avoid Social Engineering Reece, Terry (Apr 19)
- RE: Steps to avoid Social Engineering P. Rodriguez (Apr 19)
- Re: Steps to avoid Social Engineering John Pettitt (Apr 20)
- Re: Steps to avoid Social Engineering rusty chiles (Apr 20)
- RE: Steps to avoid Social Engineering Sanders, Jonathan (Apr 20)
- RE: Steps to avoid Social Engineering P. Rodriguez (Apr 20)
- Re: Steps to avoid Social Engineering John Pettitt (Apr 20)
- RE: Steps to avoid Social Engineering P. Rodriguez (Apr 20)
- RE: Steps to avoid Social Engineering Patoff Pat-EtHiQ (Apr 20)
- Re: Steps to avoid Social Engineering John Blackley (Apr 20)
- RE: Steps to avoid Social Engineering Sanders, Jonathan (Apr 20)
(Thread continues...)