[ISN] New social engineering poll reveals which scam works better

From: InfoSec News <alerts_at_private>
Date: Tue, 18 Oct 2011 00:51:10 -0500 (CDT)
http://www.csoonline.com/article/691910/new-social-engineering-poll-reveals-which-scam-works-better

By Joan Goodchild
Senior Editor
CSO
October 17, 2011

Which tactic works best for a scamming social engineer? Acting like an 
authority figure and requiring a victim to answer questions and give up 
sensitive information? Or acting like a nice, trustworthy person who 
strikes up a friendly conversation and just needs the victim to tell 
them a few things to help them out?

That was the question asked by the team behind the web site 
social-engineer.org. They have just released results of a several-months 
long poll that laid out two different scenarios of how a social engineer 
might try and elicit information from a victim.

The first showed how the principle of endearment and how it may be used 
by a malicious social engineer. The example given was a social engineer 
who attempts to get strangers to engage in very personal conversation 
with him with little effort. Dressed very casually he grabbed a prop 
that he felt would endear people to him, a small sign that had a funny 
slogan on it. As he walked around, looking like a tourist with his prop, 
he was able to engage people in conversation.

"The fact is we like to deal with people who are like us, but even more 
powerfully we like to deal with those who LIKE us," said Christopher 
Hadnagy, founder of social-engineer.org and author of Social 
engineering: The art of human hacking. "Endearment makes a person feel 
liked and, in turn, like you. Endearment is used by getting on the same 
plane as the target, or giving them reasons to like you."

[...]


_____________________________________________________
Subscribe to InfoSec News - www.infosecnews.org
http://www.infosecnews.org/mailman/listinfo/isn
Received on Mon Oct 17 2011 - 22:51:10 PDT

This archive was generated by hypermail 2.2.0 : Mon Oct 17 2011 - 23:00:07 PDT