Items tagged with Social engineering

The U.S. Air Force has awarded a $750,000 contract to Wombat Security Technologies for the creation of a "micro-game platform" that trains people not to fall for phishing schemes. Wombat is best known for anti-phishing training games with cartoon-like graphics and names like Anti-Phishing Phyllis, Anti-Phishing Phil, and PhishGuru. This is the second Small Business Innovation Research (SBIR) contract the USAF has awarded to Wombat. The SBIR program is basically a R&D grant program awarded to small businesses developing promising technology for government use. Anti-Phishing Phyllis and her goldfish-like boyfriend Anti-Phishing Phil teach corporate users how to avoid evil e-mails. The Phyllis... Read more...
Using a combination of social engineering and malicious software, an innovative new way to get people to install malware on their computers has recently popped up, and it all starts with finding a flier on your car's windshield stating that your car is illegally parked. The fliers are fake, but they prey on people's fears by stating, "PARKING VIOLATION This vehicle is in violation of standard parking regulations. To view pictures with information about your parking preferences, go to website-redacted." These fake fliers started appearing on windshields in the Grand Forks, North Dakota area a few days ago.  Credit: SANS InstituteIt is not clear how many vehicles had been targeted or... Read more...
The TIGTA (Treasury Inspector General for Tax Administration) has recently run a survey of the IRS to determine how well the agency would respond to a little old fashioned social engineering.TIGTA callers posed as helpdesk representatives and requested assistance changing a password.  The results are quite surprising: “In 61 of 102 cases, the TIGTA caller was able to convince an IRS employee to change his or her password as requested. Furthermore, only eight of the 102 IRS employees contacted actually contacted the audit team, the Treasury Inspector General for Tax Administration Office of Investigations, or the IRS computer security organization. These results indicate an ongoing problem for... Read more...