Social engineering - exploiting the weakest links
Surveys and news items suggest that social engineering attacks are on the rise in terms of scale and sophistication, as well as number. A new 40-page white paper from ENISA:
- outlines social engineering methods such as pretexting, phishing, spear phishing and vishing;
- presents an interview with acknowledged social engineer Kevin Mitnick;
- discusses three studies portraying how easily naive/untrained users are manipulated;
- identifies five defence measures; and
- offers a checklist to fight social engineering based on the mnemonic LIST (Legitimacy, Importance, Source, Timing).