IRS Employees Fall For Hackers

linuxwrangler writes "Treasury department auditors recently posed as network technicians and attempted to get IRS employees to reveal their usernames and passwords and/or change the password to one suggested by the "technician". The result: over one-third shared their passwords. If there is any good news in the story it is that the 35% figure represents a substantial reduction from the 71% who fell for the ruse in 2001."

Re:Social Engineering is the biggest problem

[caino59]

yea - fuck that - i work in support and hate dealing with assholes that think they know our system and everything else b/c they have a masters or, even worse - a doctorate, in a computer related field.

The best is, after they try and berate you and make asses out of themselves, you ask them what their IP address is now (after you walked them through checking what it was before) and they 'forget' how to get there.

fucking assholes.

Re:Social Engineering is the biggest problem

[The+Spoonman]

Just curious, but where are you? I don't think I've seen a credit card receipt anywhere in the last few years that has had more than just the last four digits of the card number.

I agree I'm impressed by the clerk. I always write "MUST ASK FOR ID" in permanent black marker ink on the back of every one of my credit cards, and it never ceases to amaze me how people will pretend to look at my card, then my signature on the receipt and hand both back to me. If I'm feeling evil, I'll turn to my gf and loudly say something like, "See, I told you they never really check the signatures on your cards here. And you were worried we'd get caught with his card!" Yeah, I know the trouble that could get me in. Most of the time, though, I'll make sure to make note of the person's name and contact their corporate offices with a long and scathing letter.