10th February 2007
Social engineering is the term used to obtain information from people without them realising what is going on.
A recent exercise carried out by one of our clients was to invite by email, specially selected employees (although all employees received the invitation) to take part in an exciting new venture. All, they had top do was to go to a secure web-site and enter their company log on and password to verify their interest. The recipients were warned not to talk about this venture to any of their colleagues as the matter was highly secret.
This company (that I will not identify) is accredited to ISO27001 and takes security very seriously but many of the employees did enter this confidential information into the web-site believing that it was quite innocent.
On a completely different angle and with Valentines Day approaching the chances of unauthorised entry to your organisation increases.
A delivery of flowers or chocolates is made, usually by a pretty girl, and the idea is to surprise the recipient so the usual security at reception is waived.
Entry to the company is that easy.
Social engineering can damage your security
Heybridge Business Centre
110 The Causeway, Heybridge
Essex CM9 4ND
T: 01621 857841
M: 07702 193788
© 2020 Quality Matters Ltd. All rights reserved. Responsive Design