Welcome to NBlog, the NoticeBored blog

I may meander but I'm 'exploring', not lost

Dec 12, 2006

Bank robbery, the social engineering way

A classic social engineering attack on a bank, as described by the boss of a penetration testing company, is just as scary as the case studies in Ira Winkler's Spies Among Us. The perpetrator gains access to the bank network simply by posing as a photocopier technician. It's scary because the story rings true. It's a typical Security Manager's nightmare scenario. The customer service ethic of the front line bank staff trumped any security awareness they might have had. The inadequate technical security controls on the bank LAN are entirely credible. [Thanks to my friend Alisdair for sharing this link.]
More social engineering resources