Thursday, March 01, 2007

Social Engineering


So I tell a co-worker that Paris Hilton's hacker is going to jail. That led to reading about how they hacked into Paris Hilton's cell phone. Which leads to the topic of today's post.

Apparently, hackers use social engineering to get initial information, rather than high tech means. From there, they can do damage, but the first steps? They call up a service center and bluff their way into getting sensitive information.

Why am I bothering to write about this?

Somehow, in the past 15 years when cell phones became fairly ubiquitous, the line between personal and professional blurred. You have NO idea how many phone calls A DAY I get, WITHOUT a person identifying themselves, asking for someone's cell phone number.

"I'm trying to reach so and so, can you give me their cell number?"

"No."

"Umm, you don't understand, I really need to reach so-and-so. I used to have their cell phone number and I can't find it. What is it?"

"Sir, for all I know, you may be Max the Axe Murderer or worse, the IRS. I do not give out cell phone numbers."

"OH! Well, I'm so-and-so, working with so-and-so on this."

"Thank you for the clarification, sir, but I don't give out personal cell phone numbers. I can call him if you wish and have him call you, and HE can give you his cell phone number, but I don't."

*muttering*

"Fine, here is my number. Tell him to call me immediately."

Want to know what's funny? 9 times out of 10, I call the cell-phone and get voice mail.

I am NOT at all surprised that these service centers are so easily hoodwinked, if the above example is at all representative of the expectations of callers.

 
  Reactions:

comments

0 Responses to "Social Engineering"
 

Copyright 2009 All Rights Reserved Revolution Two Lifestyle theme by Brian Gardner | Blogger template converted & enhanced by eBlog Templates