Do you ever get the feeling users still don’t believe or understand how easy it is for threat actors to find information to use against them and/or our organizations? Or about how trivial it is for threat actors to blend in with normal activity? Are you fascinated or flabbergasted that the most simplistic good ol’ fashioned social engineering tricks (cyber or physical) are still successful after all these years?
A recent post at HelpNetSecurity shares a social engineer’s real-world tricks, especially ones that leverage the overlooked threats to physical security. Specifically, the importance of being diligent about physical information that is posted online. For example, freely accessible information found online could reveal vital critical infrastructure designs and configurations that provide insights into how a threat actor might circumvent physical security systems and procedures.
Social engineering tactics are timeless and make very good security awareness refreshers and reminders. So, next time you’re scratching your head for a topic, don’t belabor over the new buzzword-laden threats. You may wish to consider just going back to basics. Check out HelpNetSecurity for more.