Chapter 29

Social Engineering Deceptions and Defenses

Scott R. Ellis     kCura Corporation, Lake Bluff, IL, United States

Abstract

This chapter will illustrate a cross-section of socially engineered attacks. They are physical or virtual in nature, or a hybrid of both. Rule 1 for users on the network: Make no assumptions. You do not know what is on your network and you do not know what someone will do to get it. I will go into a few examples of what might be on your network, strictly as an exercise in imaginative thinking. Bear in mind: It is an exercise of futility. You simply cannot know all of the motives someone may have for trying to access your data. In security, paranoia is not a mental illness, it is an asset. Within the mind of a security ...

Get Computer and Information Security Handbook, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.