Friday, December 18, 2009

Impersonation

Impersonation is a social engineering tactic where an attacker impersonates someone, such as a repair technician, to gain access to a secured area. A repair technician shows up at the door and says I'm here to work on the phones (or server, or routers, or whatever).
Once the attacker gains access, he can steal the hardware, install malware, or install other hardware such as a protocol analyzer connected to the network and broadcasting the captured packets via a wireless access point.
Identity verification methods can also be used to thwart impersonation attempts. In other words, employees should be trained to verify visitors are who they say are.
Other social engineering tactics you should be know about are:

    Phishing

    Piggybacking or tailgating

    Dumpster diving

    Shoulder surfing

 

No comments:

Post a Comment

Total Pageviews

Kanav's ReviewBookShelf

.




Comments

Contact Form

Name

Email *

Message *