Four ways social engineers compromise a person's security defenses and gain easy access to sensitive information are.
1. Alternative communication channels
Scam artists make use of alternative channels of communication because they catch people off guard, said Zeltser.
"Attackers find their victims are more susceptible to influence when the attacker engages them using a different medium than the victim is use to," he said.
He pointed to the example of a scam that used windshield flyers. The flyers alerted drivers that their car was "in violation of standard parking regulations" and asked them to log onto a site where they could get more information.
2. Personally-relevant messaging
People don't want to just get e-mail, they want me-mail, according to Zeltser. A message that is more personally interesting is going to get more attention, and criminals know that.
He referred to one worm variant that spread by spamming victims with messages that claimed to contain breaking news that just occurred in their local town.
3. Social compliance
It is human nature to want to do what others are doing, noted Zeltser. And our tendency to follow the crowd can also make us social engineering victims. Criminals know you will be more inclined to trust something that is popular, or recommended by trusted sources.
4. Reliance on security mechanisms
Because we are so used to certain security mechanisms, and often take them for granted, they are no longer protecting us, according to Zeltser.
Zeltser retold the tale of a scam that featured a social engineer dressed as a police officer who comes into a store.
Dec 21st, 2014
Are you studying on the go? Check out our FREE app and post questions on the fly!