Skip to content
Awareity
Awareity

The Pre-Incident Prevention Experts

Primary Navigation Menu
Menu
  • Home
  • About
    • About
    • Awareity Butterfly Effect
    • In The News
    • Contact
    • Support
  • Solutions
    • Information Security Training
      • Information Security Awareness Training
      • Awareness and Accountability Vault (AAV)
    • Prevention and Connecting the Dots Platform
    • First Preventers Framework
    • Prevention and GAP Assessment
    • Threat Assessment Teams
    • Climate Surveys
    • Partners in Prevention
    • Industries
      • K12
      • Higher Education
      • Diocese
      • Healthcare
      • Government
      • Corporate
  • Blog
  • Info Request

Is Your Company Vulnerable to Social Engineering?

By: Awareity
On: August 5, 2010

 

Lessons learned from a recent hacking competition at Defcon revealed yet again that your employees are the biggest threat to your organization.

With just two phone calls, a hacker posing as a Louisiana-based employee handling claims involving the Gulf oil spill was able to trick a computer support employee at BP into divulging sensitive information that could have proved crucial in launching a network attack.  The employee provided information to the caller including the model of laptops BP used, the specific operating system, browser anti-virus and VPN software.  The hacker also convinced the employee to visit an unknown web site, Social-Engineer.org.

Other hackers in the competition asked company employees what version of Adobe Reader the company used or who the garbage collector was that hauled their trash.  Employees seemed extra willing to help the hackers who pretended to lack specific information.   Several large corporations were targeted including BP, Shell, Apple, Google, Microsoft, Cisco Systems, Proctor and Gamble, Pepsi, Coca-Cola and Ford.  Only 3 of the 10 companies passed the test and did not provide any sensitive information.

Are your employees this gullible?  Is your company vulnerable to social engineering attacks?

By sharing real-world stories like the competition results above, you can help your employees understand risks and potential consequences of revealing sensitive information.  Managers can help employees become aware of how they can protect their jobs, their organization and your organization’s clients by preventing data breaches, information losses, lawsuits, etc.

Hackers are continuously developing new tactics and more sophisticated strategies for retrieving information from unsuspecting employees.  Because we know hackers are getting better at social engineering, it is critical for your organization to develop better awareness training and education to keep up with changing risks, threats and more sophisticated techniques.

Link: Companies Fail Social Engineering Contest

2010-08-05
Previous Post: Perceptions of Campus Safety – Are You Helping Your Students Feel Safe?
Next Post: Building A Preparedness Program…like Building a Skyscraper?

READ MORE:

WATCH MORE:

Not seeing the form to request information? Drop us a line and we’ll send you more information!

Recent Blog Posts

Higher Ed Research facts, silos, and different actions

April 10, 2025

Community Research facts, silos, and different actions

April 10, 2025

K12 Research facts, silos, and different actions

April 3, 2025

Bias-based Decisions Can Be Overcome

December 4, 2024

First Preventers Believe…

October 18, 2024

Rick Shaw, Founder & CEO

Click here to learn more about Founder, CEO, and Prevention Specialist, Rick Shaw.

Awareity on Twitter

Tweets by Awareity

Search

Tweets by Awareity

Support

Need more information on
Support for AAV or TIPS?

Click here

What are you looking for?

Connect the Dots With Us!

 | |

Designed using Dispatch Premium. Powered by WordPress.

This site uses cookies to ensure that we give you the best experience on our website. Continuing to use this site means you are agreeing to the use of cookies.Ok