The recent security events at RSA and Epsilon have raised once again the question of social engineering attacks against enterprises. RSA employees were targeted by an email titled “2011 Recruitment Plan.” The subject seemed relevant and interesting enough for the targeted employees to open it. This email included an attachment that exploited a Flash vulnerability in order to install malware on the employee's computer. This is the entire essence of social engineering - how do cyber criminals trick users into voluntarily doing something thay really shouldn't.
- MICKEY BOODAEI, CEO Trusteer
- InfoSecurity
- Posted On