http://www.networkworld.com/news/2009/121609-five-things-you-need-to.html By Robert McMillan IDG News Service December 16, 2009 SOCIAL ENGINEERING IS GROWING UP. Social engineering, the act of tricking people into giving up sensitive information, is nothing new. Convicted hacker Kevin Mitnick made a name for himself by cold-calling staffers at major U.S. companies and talking them into giving him information. But today's criminals are having a heyday using e-mail and social networks. A well-written phishing message or virus-laden spam campaign is a cheap, effective way for criminals to get the data they need. TARGETED ATTACKS ARE ON THE RISE. Northrop Grumman recently reported that China was "likely" stealing data from the United States in a "long- term, sophisticated network exploitation campaign." Security experts have noticed criminals were "spear phishing"--getting Trojan horse programs to run on a victim's computer by using carefully crafted e-mail messages. Used to steal intellectual property and state secrets, spear phishing is now everywhere. CASTING A BROAD NET PAYS OFF TOO. Less discriminating criminals cast a wider net with their attacks. They pick e-mail subjects everybody's interested in: a message from the IRS, or even "a photo of you." The more victims who click links and install the bad guy's software, the more money the criminals make. Right now, "they're doing it with messaging that is extremely broad," says Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Thu Dec 17 2009 - 00:07:54 PST
This archive was generated by hypermail 2.2.0 : Thu Dec 17 2009 - 00:27:24 PST