Mitigating social engineering attacks
Phone calls
Phone calls have fast become common methods of social engineering. Social engineers are relying on caller ID spoofing techniques and the immediacy of a phone to get targets to comply with requests with no thinking space. Organizations are feeling the impact of phone-based social engineering attacks where IT staff are getting requests from callers claiming to be employees of the organization that have forgotten their passwords. As is the case in many organizations, the technicians will reset the password and tell the caller the new password even without having verified whether the caller is actually who they claim to be. Social engineers are also randomly targeting members of...
