Social Engineering Part 1

Know thy enemy

Social engineering is the practice of obtaining confidential information through manipulation of legitimate users. Learn to detect when you are being used!

  • A person could call, pretending to be someone else to obtain confidential information. They might insist it is an emergency and they need the information fast. Always authenticate the person first before giving any information!
  • A person might claim to be from the IT department and request access to a server area. Never allow anyone access to any area unless they are propery identified and you can confirm their identity.
  • Someone could drop a CD labeled “Salaries 2012”around the company. If you try to open the CD, unbeknown to you, a malicious program (virus,trojan, etc) could be installed in the background allowing access to your computer.
  • If you ever find a CD or any media of such, return it and notify the IT Department!

 

 

Written by

Comments are closed.