• Blog
  • About
Technology Tips For Lawyers

Social engineering for lawyers

3/26/2013

0 Comments

 

Social engineering for lawyers


Picture
Social engineering is nothing new, it has been used for centuries to gain unauthorized access to restricted areas or content. Basically, social engineers use the human nature natural tendency to trust other people i n order to manipulate them into giving out sensitive data or other restricted content. They can use this information to access accounts, steal or delete information and install viruses or malware. Approximately 1 out of every 3 computers are infected with malware. 


Social networking social engineering methods

Social networks are comprised of millions of users and this is the perfect breeding ground for scammers. By using malware to infect computers, scammers are able to pose as a user's friend and send them messages, posts or comments. Some of these scams use phrases similar to these.

  • "Did you see this video of you? Click here to see it."

  • "Why did you send this to me?"

  • "Wow, is this really you in this photo?"

Each of these phrases will have a link and if the recipient clicks on this link, his computer can become infected with malware as well. Then it will be used to send links to other users and the process continues.

Tech support social engineering methods

One of the most popular scams plays on the normal computer and internet user's lack of technical knowledge. The tech will tell the user that they are infected with a virus or worm and attempt to lead them through a difficult removal. At some point, the tech will say something like, "why don't I just fix this for you? Let me have your password, I will fix it and get back to you when I'm done." The grateful user will eagerly give out the sensitive information just to avoid the headache of dealing with the problem.


Phishing social engineering methods

Phishing is an extremely large and complex subject but the basics of it are that a person may pretend to be someone they are not in order to gain unauthorized information. A web site will pretend to be a web site that is well-known and trusted to the user in order to gain sensitive information. EBay and PayPal scams are huge because the sites are generally trusted by the users and they quickly click on links in order to prevent any interruption in their use of the services.

Other sites spoof social networking sites such as Facebook and Twitter in order to trick users to inputting their login information which is recorded and stolen.

In the law firm, there is a huge amount of sensitive information. Beware of any messages, posts, comments, emails or web sites that seem even the least bit suspicious.


Related articles
  • What is Social Engineering? (webroot.com)
  • Hacking the Mind [Infographic] (thetechscoop.net)
  • A look at social engineering (glennswritinginterest.wordpress.com)
  • The concise 2013 list of social engineering scams (concise-courses.com)
  • Cybergangs embracing crimeware over social engineering (net-security.org)
  • What is Phishing? (webroot.com)
  • Hacking the Mind: How & Why Social Engineering Works (veracode.com)
  • The Secret To Chinese Hackers Success (social-engineer.org)
  • Labor Day Phishing Scams - Don't Get Hooked This Year | Webroot Software (webroot.com)
  • LinkedIn Endorsements are Social Engineering (securosis.com)

0 Comments



Leave a Reply.

    Subscribe to our mailing list: 


    Sync and integrate your Evernote, Dropbox, Google Drive, SkyDrive and Box accounts

    Technology Tips  For Lawyers

    Helping lawyers solve the technology puzzle.

    Archives

    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    November 2012
    October 2012
    September 2012
    August 2012

    Categories

    All
    Amazon S3
    Amicus
    Android
    Backup
    Basecamp
    Box
    Byod
    Clio
    Cloudhq
    Cloud Integration
    Cloud Security
    Cloud Security
    Cloud Storage
    Collaboration
    Data Loss Protection
    Data Loss Protection
    Dragon
    Dropbox
    Encryption
    Evernote
    Facebook
    Firefox
    Gmail
    Google
    Google Apps
    Google Chrome
    Google Docs
    Google Drive
    Google Plus
    Google Reader
    Google Scholar
    Information Security
    Information Security
    Ipad
    Linkedin
    Mobile
    Mobile Apps
    Mobile Security
    Mobile Security
    Paperless
    Rocket Lawyer
    Rocket Matter
    Rss Reader
    Search Engine Optimization
    Skydrive
    Social Engineering
    Social Media
    Software As A Service
    Sugarsync
    Tablet
    Twitter
    Virtual Office
    Windows 8

    RSS Feed


cloudHQ