Chapter 9

Case Study: The Mysterious Social Engineering Attacks on Entity Y

Introduction

Social engineering, the practice of conning people into sharing sensitive information, be it in everyday person-to-person interaction, or via cyber interconnectivity, is a real security threat that has evolved in sophistication and broadened in scope over the decade we have been both writing about it and training people how to thwart it. Unfortunately, in most organizations, countermeasures against social engineering have not kept pace, and thus the adversaries to the enterprise continue to stretch their lead and put in danger the intellectual properties of those ill-prepared corporations.

Most organizations acknowledge it as a problem, but treat it as a nuisance ...

Get Secrets Stolen, Fortunes Lost now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.