social engineering Resources

ZDNet Dictionary Definition

Social Engineering: Using persuasion and deception to obtain confidential information from someone by phone or in person. It is the low-tech approach for breaking into a computer system. Sometimes, a...; Full Social Engineering Definition >>

ZDNet Resources

Fake CNN news items malware campaign spreading rapidly: A currently active malware campaign taking advantage of a known social engineering tactic, namely, to entice the spammed user into clicking on a site with a fake news item in order to trick them into installing a fake Flash player (flashupdate.exe; get_flash_update.exe and watchmovie.mpg.exe), was massively spammed last night, with...; Tags: malware, social engineering, cnn, spyware, adware & malware, cyberthreats, e-mail, viruses and worms, security, online communications, dancho danchev; Blog posts 2008-08-06
Twitter being used to distribute malware: Last week, when I wrote about Aviv Raff's auto follow-me vulnerability on Twitter, I warned that it was only a matter of time before we see nasty social engineering malware attacks on the popular microblogging service. Well, it's here. Malware hunters at Kaspersky Lab...; Tags: Malware, Social Engineering, Twitter, Spyware, Adware & Malware, Cyberthreats, Corporate Communications, Viruses And Worms, Security, Marketing, Ryan Naraine; Blog posts 2008-08-04
Web worms squirm through Facebook, MySpace: My colleagues at Kaspersky Lab see disclosure have intercepted two new worms squirming through MySpace and Facebook, using social engineering lures to plant malware on Windows systems. The worms propagate via the comments features on the two popular social networks, using video lures and fake Flash Player...; Tags: Web, Facebook, Kaspersky Lab, Network, Macromedia Flash Player, Social Engineering, Worm, MySpace, Victim Machine, Cyberthreats, Social Networking, Viruses And Worms, Security, Online Communications, Marketing, Advertising & Promotion, Ryan Naraine; Blog posts 2008-07-31
Storm Worm says the U.S have invaded Iran: Storm Worm says the U.S have invaded IranA little more convincing....Maybe if the storm worm article didn't sound as such a blatantly obvious fabrication some idiot who didn't know how far a was from z on a keyboard would have fallen for it. With all the things the storm worm...; Tags: Cyberthreats, Broadband Internet, Network technology, TELECOMMUNICATIONS, Storm Worm, U.S, storm worm; Discussion threads 2008-07-09
Researcher claims thousands of identities stolen during Social Engineering pentests: Researcher claims thousands of identities stolen during Social Engineering pentests"Pentest"?Was ist das? Ach du lieber, here it is. Found the following using Google:Definitions of pentest on the Web in German:Ein Penetrationstest ist* in der Netzwerktechnik eine Methode, Sicherheitsschwachstellen festzustellen, siehe Penetrationstest Informatik* in ...A "penetration test". Hadn't...; Tags: social engineering, identity; Discussion threads 2008-07-02

Researcher claims thousands of identities stolen during Social Engineering pentests: Kelly Jackson Higgins of Dark Reading, reported on research conducted by Joshua Perrymon, hacking director for PacketFocus Security Solutions and CEO of RedFlag Security, who has been performing social engineering exploits for numerous clients in the past year and has apparently stolen thousands of identities with a 100 percent success rate. ...; Tags: Social Engineering, Identity, Dark Reading Article, Identity Theft, Security, Nathan McFeters; Blog posts 2008-07-01
Fake ImageShack site serving malware, links distributed over IM: In a combination of domain typosquatting next to spoofed image files, malware authors managed to successfully impersonate ImageShack, the 5th largest image hosting website on the Internet, the result of which is a malware campaign circulating over MSN, enticing users into infecting themselves by clicking on the spammed links to...; Tags: HTTP, IM, Malware, Social Engineering, ImageShack, ImageShack Site, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Dancho Danchev; Blog posts 2008-06-11
How was Comcast.net hijacked?: It's official, even a pothead can social engineer Network Solutions. In an in-depth interview with the hijackers, featuring some screenshots showing they had access to the complete portfolio of over 200 domain names controlled by Comcast, the details of how they did it, and why they did it are now...; Tags: Network Solutions Inc., Comcast Corp., Social Engineering, Attack, Domain Registrar, Security, Dancho Danchev; Blog posts 2008-05-30
ICANN warning against registrar impersonation phishing attacks: How realistic is an attack that successfully hijacks a domain by social engineering the domain's registrar? Pretty realistic according to ICANN's recently released advisory on preventing Registrar Impersonation Phishing Attacks : In this Advisory, SSAC describes generic forms of this type of attack. We consider types and formats of...; Tags: Registrar, ICANN, Domain, Social Engineering, Phishing, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Dancho Danchev; Blog posts 2008-05-28
Microsoft: XBox Live account theft was social engineering attack: Microsoft: XBox Live account theft was social engineering attackSO WHY ARE YOU POSTING HOW TO DO THIS???So the site that is closed down that tells you how to do this is down, but ZDNet puts the information for everyone to have access.If the whole security breach was indeed someone calling...; Tags: Litigation, Game players, Sony Corp., misrepresentation, Microsoft Xbox Live, fraud, Microsoft Xbox, Social Engineering, social engineering, Sony PlayStation 3, Microsoft Corp.; Discussion threads 2007-03-22
Are companies doing enough to fight phishing?: Are companies doing enough to fight phishing?Disagree on monetary analysisWhile the general idea of something like S/MIME is good your statement that the banks sending out snail mail letters being more expensive than S/MIME ignores the fact that end users don't understand S/MIME and what makes those emails more secure....; Tags: Cyberthreats, SECURITY, banking, S/MIME, e-mail, bank, phishing, Social Engineering; Discussion threads 2006-07-17
Massive, under-reported online banking breach raises serious disclosure and remedy questions: Massive, under-reported online banking breach raises serious disclosure and remedy questionsHear! Hear!Whenever I read that ZDNet is just an industry shill, I shall think of this insightful, pointed and incisive article. The story here is the story, just what real journalisin is all about. Good work!More dangerous than the link...; Tags: Cyberthreats, Spam, SECURITY, Social Engineering, online banking, phishing, bank; Discussion threads 2006-06-02
Top 10 rogue anti-spyware: Top 10 rogue anti-spywareanother FCC target was Spyware AssassinThe FCC shut down a Washington state operation selling Spyware Assassin. Company agreed to pay $76,000 to settle the action.another FTC target was Spyware AssassinThe FTC shut down a Washington state operation selling Spyware Assassin. Company agreed to pay $76,000 to settle...; Tags: Spyware, adware & malware, Cyberthreats, Viruses and worms, SECURITY, anti-spyware, backup strategy, spyware, Spyware Assassin, malware, social engineering; Discussion threads 2005-12-22
Spyware at epidemic proportions: Spyware at epidemic proportionsNo problemon my Linux box! STILL no spyware after 10 years . . .what does infected meanIf by Infected they mean the user has a cookie from doubleclick then the figure should probably be higher.Spouting big headline catching numbers and not explaining what's behind them is just...; Tags: Spyware, adware & malware, Cyberthreats, Viruses and worms, SECURITY, Social Engineering, spyware, epidemic proportion; Discussion threads 2005-08-24
Phishers target Yahoo Messenger: Phishers target Yahoo MessengerIf You're Dumb Enough To Fall For ItYou get what you deserve.....People should be wise to this by now.Message has been deleted.I hate phishers.I like making them look like terrorists with some nice carnivore food or the third party software that the FBI outsources too. Its...; Tags: Instant messaging, Social Engineering, IM, Yahoo! Inc.; Discussion threads 2005-03-24
Social Engineering: Techniques That Can Bypass Intrusion Detection Systems: The purpose of this paper is to explain how Social Engineering can defeat Intrusion Detection ID Systems. As one now enters the 21st Century, the computer age and cyber warfare is in full swing. Companies and organizations are still not fully addressing or understanding the issue of Social Engineering. The...; Tags: Technique, Intrusion Detection System, Social Engineering; White papers 2000-10-18

Additional Resources

Inside India's CAPTCHA solving economy: No CAPTCHA can survive a human that's receiving financial incentives for solving it, and with an army of low-waged human CAPTCHA solvers officially in the business of "data processing" while earning a mere $2 for solving a thousand CAPTCHA's, I'm already starting to see evidence of consolidation between India's major...; Tags: CAPTCHA, Dancho Danchev; Blog posts 2008-08-29
Top social networking sites in Japan in June 2008: June 2007 June 2008 % Change Total Internet 53,716 56,220 5 MIXI.JP 12,367 12,738 3 MYSPACE.COM 1,137 1,245 10 Orkut N/A 638 N/A FACEBOOK.COM 172 538 213 Gree 531 455 -14 Source: comScore ...; Tags: Network, Social Networking, Internet, Online Communications, Marketing, Advertising & Promotion, NB; Blog posts 2008-08-29
Say goodbye to Yahoo! Mash: Say goodbye to Yahoo! MashSocial networking is the problemThe whole "social networking" paradigm has a fundamental problem, and that is that keeping in touch with other people shouldn't be an objective in and of itself.Yet a lot of these "concepts" are just that: get people into a herd mentality so...; Tags: Social networking, Yahoo! Mash, Yahoo! Inc.; Discussion threads 2008-08-28
Say goodbye to Yahoo! Mash: On today's web, so many social sites never get off the ground because users don't easily migrate from their online communities. As much as I want MySpace to die, people will still be using it as long as their friends are using it. Yahoo's mashup social network...; Tags: Yahoo! Inc., Social Networking, Collaboration, Networking, Online Communications, Marketing, Advertising & Promotion, Andrew Mager; Blog posts 2008-08-28