Social engineering for lawyers
Social engineering is nothing new, it has been used for centuries to gain unauthorized access to restricted areas or content. Basically, social engineers use the human nature natural tendency to trust other people i n order to manipulate them into giving out sensitive data or other restricted content. They can use this information to access accounts, steal or delete information and install viruses or malware. Approximately 1 out of every 3 computers are infected with malware.
Social networking social engineering methods
Social networks are comprised of millions of users and this is the perfect breeding ground for scammers. By using malware to infect computers, scammers are able to pose as a user's friend and send them messages, posts or comments. Some of these scams use phrases similar to these.
Each of these phrases will have a link and if the recipient clicks on this link, his computer can become infected with malware as well. Then it will be used to send links to other users and the process continues.
- "Did you see this video of you? Click here to see it."
- "Why did you send this to me?"
- "Wow, is this really you in this photo?"
Each of these phrases will have a link and if the recipient clicks on this link, his computer can become infected with malware as well. Then it will be used to send links to other users and the process continues.
Tech support social engineering methods
One of the most popular scams plays on the normal computer and internet user's lack of technical knowledge. The tech will tell the user that they are infected with a virus or worm and attempt to lead them through a difficult removal. At some point, the tech will say something like, "why don't I just fix this for you? Let me have your password, I will fix it and get back to you when I'm done." The grateful user will eagerly give out the sensitive information just to avoid the headache of dealing with the problem.
Phishing social engineering methods
Phishing is an extremely large and complex subject but the basics of it are that a person may pretend to be someone they are not in order to gain unauthorized information. A web site will pretend to be a web site that is well-known and trusted to the user in order to gain sensitive information. EBay and PayPal scams are huge because the sites are generally trusted by the users and they quickly click on links in order to prevent any interruption in their use of the services.
Other sites spoof social networking sites such as Facebook and Twitter in order to trick users to inputting their login information which is recorded and stolen.
In the law firm, there is a huge amount of sensitive information. Beware of any messages, posts, comments, emails or web sites that seem even the least bit suspicious.
Other sites spoof social networking sites such as Facebook and Twitter in order to trick users to inputting their login information which is recorded and stolen.
In the law firm, there is a huge amount of sensitive information. Beware of any messages, posts, comments, emails or web sites that seem even the least bit suspicious.
Related articles
- What is Social Engineering? (webroot.com)
- Hacking the Mind [Infographic] (thetechscoop.net)
- A look at social engineering (glennswritinginterest.wordpress.com)
- The concise 2013 list of social engineering scams (concise-courses.com)
- Cybergangs embracing crimeware over social engineering (net-security.org)
- What is Phishing? (webroot.com)
- Hacking the Mind: How & Why Social Engineering Works (veracode.com)
- The Secret To Chinese Hackers Success (social-engineer.org)
- Labor Day Phishing Scams - Don't Get Hooked This Year | Webroot Software (webroot.com)
- LinkedIn Endorsements are Social Engineering (securosis.com)
RSS Feed