« You know you live in the South when… | Home | Feed Readers: Take Advantage of Them! »
Social Engineering
By Nick | May 20, 2008
I have always been fascinated and amazed with social engineering. Though it is almost always used with nefarious intentions, I still find it interesting. The biggest question I have is, Is social engineering wrong, or are the people that fall for it just stupid?
According to Wikipedia and the CSEPS Course Workbook, social engineering is “a collection of techniques used to manipulate people into performing actions or divulging confidential information.” It’s the simple act of tricking someone to get something you want and it happens all the time! In fact, it happened at my home just a few weeks ago!
Christy was at my house for lunch one day when a guy came up to the door with a clipboard and a polo shirt. Christy answered the door and the gentleman asked if the house was hers. He then noticed the alarm stickers that I have on the door and windows of the house. The man asked Christy if the alrm service was hooked up and if it was monitored. A little red flag went off in Christy’s head. She thought, why the hell is this guy asking me this information? She told him that it was none of his business and that he should leave immediately. I am not saying that this guy was not an alarm salesman…all I am saying is that he might not have been. This could have been his way of “casing” my house, getting information that might help him if he perhaps wanted to break in.
I am glad that Christy had the common sense to not answer this man’s questions. What scares me though is that many people would have answered them and may have even invited him right in the house and given him the password! In many cases, I feel that people’s stupidity gets them in the most trouble. So again, is it more wrong for the guy to be practicing social engineering, or is it more wrong for the people to be stupid enough to fall for it? I agree that sometimes it is unavoidable when the people are really good at getting the information they want. At the same time though, I think that it is the individual’s (potential victim’s) responsibility to be aware that things like this are happening and that they need to protect themselves from it.
Watch out for social engineers! Some of them aren’t bad, like the telemarketers trying to trick you into buying their crafty products. But remember…some of them are. Pay attention and don’t give up information that can get you in trouble.
Topics: Uncategorized |
May 20th, 2008 at 3:27 pm
Nick, I completely agree with you and I’d think you should donate to a special fund I’ve set up to help get rid of these types of people. All you need to do is send me your credit card information and social security number and I’ll set you up with an account.
May 20th, 2008 at 6:48 pm
WOW, that is scary stuff! I am glad she was smart enough not to answer.
May 21st, 2008 at 4:56 am
Personally I would have punched him in the nose! Truthfully though if the guy would have come to my house like that I would have definitely put off a vibe that he might not want to ask those kind of questions.
You will have to ask me to tell you about the story of one of my friends elderly parents and the “roof repair” people that came to their house. They actually distracted his parents while the other person went into their house to rob them of whatever they could steal.
Trust no one!
May 22nd, 2008 at 6:57 am
Snake oil salesmen, TV evangelists, palm readers and psychics…I always go with my JDFR instincts (just doesn’t feel right), if it looks like dog **** it probably is…
May 22nd, 2008 at 11:23 am
Thanks for the story I should write about this soon. I had someone call me on my cell phone saying it was my bank calling to confirm some information on my account. The guy was nice and wanted me to verify my last 4 digits of my Social to get some kind of info he wanted to give me over the phone. RED FLAG when up and I started cursing this guy out. I even told him your the bank why in the hell would you call me to….. needless to say he hung up and I never heard from him again.
Common sense is the best..
Jay
May 24th, 2008 at 10:42 pm
I just finished reading a book on blogging that calls SEO ‘Socially Engineering Others’.
Then this. I will have to agree. Sucks.