Quote:
Originally Posted by baddog
They aren't talking about phishing are they? Like they responded to one that screwed us all?
|
Spear phishing is a good example of social engineering, which generally means fooling humans. The most commonly used example is probably calling and pretending to be part of the same company, saying "this is Fred from the Omaha office". Typically the caller has an urgent problem that is a big deal for the boss. Perhaps the boss is about to give a big presentation and his laptop with the presentation on it just died, so he needs remote access to his desktop NOW.
Another example would be if I called your web hosting company pretending to be you. I would call at 2AM, when their boss isn't there, just the new guy working the shit shift. I'd claim (or cause) a server down and ask for a KVM to be put on it immediately. That KVM would let me boot into special rescue modes where passwords aren't required.
But yeah, phishing would be the most simplistic form of social engineering, social engineering for morons.
__________________
For historical display only. This information is not current:
support@bettercgi.com ICQ 7208627
Strongbox - The next generation in site security
Throttlebox - The next generation in bandwidth control
Clonebox - Backup and disaster recovery on steroids