|
|
A favorite wetware attack. Most people are easily fooled because they don't believe a hacker would have the gall to carry out such an attack. Examples: - Pose as an angry customer who claims that they were promised something, but nothing was delivered. A good target would be a secretary to somebody who is on vacation.
- Pose as a system admin. A hacker calls user and tell them that them that the user has infected their machine with a virus, and that MIS is quite angry, and please give the hacker the password so they can fix it.
- Forge an e-mail to be that from somebody important. Ask for information to be posted to a web-site, sent to their home e-mail address, etc.
- Phone impersonations are a favorite. Usually need to dial-in to a secretary, then ask to be connected. Makes it look like the phone call is from inside the building rather than outside.
- Favorite trick of head hunters: call up a secretary, pose as a company parter, and ask the phone list to be faxed over.
This often requires a fair amount of research in order to play the part well.
|
