Social Engineering
Social Engineering
https://nakedsecurity.sophos.com/2016/0 ... -455063009
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information.
Criminals have plenty of information about you, from Facebook and the likes. It opens doors to social engineering. The link above shows what could happen to you, if not careful with your personal information. Privacy and encryption are what can protect you from social engineering, but, for whatever reason, some people need to share all their life on Facebook and the likes, and more often than not whithout proper privacy settings. In my opinion, you would be better scrapping every social media, to be sure.
What i don't understand about the example above, is why the guy didn't call his wife that was supposed to be kidnapped, and instead believed everything the scammer told him, paid more than $ 1000, and only then realized the extent of his dumbness.
Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information.
Criminals have plenty of information about you, from Facebook and the likes. It opens doors to social engineering. The link above shows what could happen to you, if not careful with your personal information. Privacy and encryption are what can protect you from social engineering, but, for whatever reason, some people need to share all their life on Facebook and the likes, and more often than not whithout proper privacy settings. In my opinion, you would be better scrapping every social media, to be sure.
What i don't understand about the example above, is why the guy didn't call his wife that was supposed to be kidnapped, and instead believed everything the scammer told him, paid more than $ 1000, and only then realized the extent of his dumbness.
Re: Social Engineering
It costs the scammer virtually nothing to email millions of people. If all but a few of those people delete the email, some the few who take it seriously will be idiots, or at least they might panic and not respond in a rational way.labbe5 wrote:...What i don't understand about the example above, is why the guy didn't call his wife that was supposed to be kidnapped, and instead believed everything the scammer told him, paid more than $ 1000, and only then realized the extent of his dumbness.
People are emotional and a bit irrational at times. Social Engineering preys upon this to shange all of society
1.). Thats why we have apps with glaring security/information leaks. Because only the positive aspects of the apps are posited.
2.) No one considers that the last 4 digits of your credit card and the zipcode pretty much solves as less than 10 people from a field of 300 million+. (possile exceptions in the largest of US cities)
1.). Thats why we have apps with glaring security/information leaks. Because only the positive aspects of the apps are posited.
2.) No one considers that the last 4 digits of your credit card and the zipcode pretty much solves as less than 10 people from a field of 300 million+. (possile exceptions in the largest of US cities)
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."
"Zuckerberg: a large city inhabited by mentally challenged people."
It would be easier to follow what you mean if there were fewer mistakes . I don't understand what you are pointing to with credit card and postcode data .8Geee wrote: 1.). Thats why we have apps with glaring security/information leaks. Because only the positive aspects of the apps are posited.
2.) No one considers that the last 4 digits of your credit card and the zipcode pretty much solves as less than 10 people from a field of 300 million+. (possile exceptions in the largest of US cities)
You can be identified and tracked if the bad boys know the last 4 digits of your credit card and your post code. That is all the information they need to identify you individually. That is because statistically there will be very few people with that combination.
Many apps do NOT tell you of the risks of being identified from the personal information that they openly share.
Many apps do NOT tell you of the risks of being identified from the personal information that they openly share.
"Just think of it as leaving early to avoid the rush" - T Pratchett
It is not MY problem at all.
I refuse to use un-secure applications - and that means none at all via a mobile phone.
They can be held to account if they break data protection laws. Most local councils actually tread very close to breaking the law when they sell census data commercially since that is not the use is was collected for and they don't ask permission for commercial use by third parties.
I refuse to use un-secure applications - and that means none at all via a mobile phone.
They can be held to account if they break data protection laws. Most local councils actually tread very close to breaking the law when they sell census data commercially since that is not the use is was collected for and they don't ask permission for commercial use by third parties.
"Just think of it as leaving early to avoid the rush" - T Pratchett
According to what 8Geee wrote, someone with access to a searchable database that contains those two pieces of information (someone who works at a bank, for instance) could identify you as one of perhaps 10 people. Probably it would be fairly easy to winnow out at least a few of those 10 as being unlikely candidates based on other information the searcher might have about you.
Goodo Flash
My c/c is with the Commonwealth bank so if someone there wants me they can just look me up I suppose but I owe them a lot of money anyway so they are not going to get any more. Anything that goes on the card that I don't receive a benefit from has to be removed by law if I request it anyway. I always try to avoid the desperate blokes looking for a root but then they pick you by looks so they know who I am..
If someone is in say the NAB then I won't be on their databank. Are there other likely scenarios you are aware of . I'm not Ofay on apps and the like for phones ?
Insurance companies?
My c/c is with the Commonwealth bank so if someone there wants me they can just look me up I suppose but I owe them a lot of money anyway so they are not going to get any more. Anything that goes on the card that I don't receive a benefit from has to be removed by law if I request it anyway. I always try to avoid the desperate blokes looking for a root but then they pick you by looks so they know who I am..
If someone is in say the NAB then I won't be on their databank. Are there other likely scenarios you are aware of . I'm not Ofay on apps and the like for phones ?
Insurance companies?
I am looking because this is one of those broad statements that people tend to run with that often on analysis don't pan out as true but rather are one exceptional event they have "heard" about.(Or made up!)BGeee wrote:2.) No one considers that the last 4 digits of your credit card and the zipcode pretty much solves as less than 10 people from a field of 300 million+. (possile exceptions in the largest of US cities)