Wednesday, September 23, 2015

Countering The Social Engineering Threat

An increased number of clients are experiencing social engineering attacks either directly against their finances and information assets, or the IT infrastructure upon which those assets depend for confidentiality and security.

Once only immediately saleable commodities such as credit card numbers were targeted. Now criminals are seeking medical records, credit history files, general personal identity information, significant cash funds, and online social media account information for purposes as diverse as blackmail, defamation, and identity or insurance fraud.

Highly targeted attacks often focus on uncovering commercial negotiating positions, cost-to-manufacture for orders, and in identifying holders of intellectual property or purchasing authority within an organisation. Those defending against such attacks now need to consider far more than simple monetary loss.

360is have prepared a short briefing for those tasked with defending their organisation and users from social engineering attacks including Phishing, Pharming, Vishing and SMishing. It is intended as an introduction to the technical, procedural, and human elements of a successful social engineering defence.

If you would like assistance in implementing any of the measures described in the document, or in understanding your own organisations vulnerability to social engineering attack, get in touch.

Download "Countering The Social Engineering Threat" here.