Examples of Threats

When you think of Internet threats, viruses and possibly scams come to mind. And certainly those are part of it, but there are many more. Threats are becoming more and more sophisticated. These threats include variations on age-old scams, such as snake-oil salesmen or spies.

Let's examine a few of the more common ones.

Social Engineering

Social engineering techniques are used to gain unauthorized information or access from someone through social contact. This common ploy can be quite effective; after all, employees are supposed to be helpful to clients and customers. Although you certainly do not need to change your customer service policies to be less helpful, you should look to see where you could be exposed.

Social engineering is one of the most common and effective means a hacker can use to gain entry to your site. It often plays out as a request for help, and through that request, the attacker can get the necessary information, get a virus into the system, or open a door. The possibilities are quite unlimited.

Calling into Your Office

One easy-to-imagine scenario is for an attacker to call into the office of the CEO. The attacker would already have a lot of information about the CEO, including the officer's background and other important data. When an executive assistant takes the call, the attacker would simply feign being transferred to the wrong extension, and ask the assistant to kindly transfer the call to technical support (or wherever the attacker ...

Get CMS Security Handbook: The Comprehensive Guide for WordPress®, Joomla!®, Drupal™, and Plone® now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.