- outlines social engineering methods such as pretexting, phishing, spear phishing and vishing;
- presents an interview with acknowledged social engineer Kevin Mitnick;
- discusses three studies portraying how easily naive/untrained users are manipulated;
- identifies five defence measures; and
- offers a checklist to fight social engineering based on the mnemonic LIST (Legitimacy, Importance, Source, Timing).
Nov 4, 2008
Surveys and news items suggest that social engineering attacks are on the rise in terms of scale and sophistication, as well as number. A new 40-page white paper from ENISA: