Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: InfoSec Handlers Diary Blog - Social Engineering, just by asking! InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Social Engineering, just by asking!

Published: 2007-11-21
Last Updated: 2007-11-21 15:03:38 UTC
by Joel Esler (Version: 1)
0 comment(s)

A reader wrote in to tell us about a spam he received that read like this:

"I'm a computer engineer at Islamic University of Gaza(IUG), the network of my university hacked in the last few months , now I design a secure model to repair the network security system in IUG but my experience still little, so I hope that I can obtain a diagram or flowchart or map of  your university network security system to study it and see how can apply it in IUG system."

I guess that's a good way of getting information about your network innards instead of hacking it "hey, can you just send me your visio diagram!?  That'd be great, kthnkx!"


Gotta watch out for that Social Engineering.  It's the basis of all those bank, visa, mastercard, etc.. spams.  Phishes, and whatever other things are out there now-a-days.  Counting on a "uneducated" user to click and fill out some information.

Joel Esler

0 comment(s)
Diary Archives