First-Person Account of a Social Engineering Attack
darkreadingman writes, "A penetration tester tells how he broke into a bank's network dressed as a copier repairman. Some good lessons here — many companies spend millions on network security, but don't teach their employees how to challenge a stranger in the building. Social engineering at the company site can be one of the most difficult attacks to defend against." From the article: "Before departing scenes like these, we try to document the effort and provide proof of our success. I usually leave something behind and then contact the person who hired me and direct them to the mark. In this case I wrote his password on a ream of paper and tucked it under the machine."
You know, I was wondering why that guy needed my password to fix the copier.
Some attitudes replaced or by cgi optimizes
In this case I wrote his password on a ream of paper and tucked it under the machine. :)
That seems like an awful lot of effort, when you could just write it on one sheet.
"Are you sure you want to replace 'Teh Money.xls', size $13.28, modified 11/21/2006, with 'Teh Money.xls', size $1,000,000.00, modified 11/30/2006? [OK] [Cancel]"