Your search keyword '"SOCIAL engineering (Fraud)"' showing total 10 results

1. Critical infrastructure cybersecurity--an overview.

Author

CAPANO, DANIEL

Subjects

*INTERNET security, *CYBERTERRORISM, *SOCIAL engineering (Fraud), *SEWAGE disposal plants, *WATER supply

Abstract

Cybersecurity is often overlooked in protecting a critical facility and the ratepayers' investment. This threat of a cyberattack on critical infrastructure is relatively new. Malware, the umbrella title given to malicious software of all stripes, can do much damage. Until recently, it was a misbegotten belief that software could harm only software; this is not so. Early DOS-based software could destroy hard drives, and it will be shown how manipulation of SCADA and networked programmable logic controllers can cause real physical damage to controlled machinery. In recent years, high-level hackers, working with nation-states and government agencies, have rigorously investigated software for flaws unknown to anyone, exploiting these flaws for espionage or general mayhem. So it is that our industry, which is increasingly relying on automation to manage rising costs and more stringent regulations, has turned to securing SCADA and other process control systems. Should such a system become compromised, the conditions for mayhem and social disruption are an opportunity for hackers. This paper provides a general overview of what could well become a major advanced persistent threat that will affect a broad class of facilities, and a few highlights illustrating the problem of protecting critical infrastructure against such a threat. Basic suggestions for site hardening are offered and recommended. [ABSTRACT FROM AUTHOR]

Published

2017

2. Password Collection through Social Engineering: An Analysis of a Simulated Attack.

Author

Cazier, Joseph A. and Botelho, Christopher M.

Subjects

SOCIAL engineering (Fraud), COMPUTER passwords, COMPUTER security, PRIVACY, COMPUTER hacking, CONSUMERS

Abstract

This study demonstrates that consumers, healthcare workers and corporate America are still very much vulnerable to simple social engineering attacks, even with current levels of security training. Through a simulation of what a real social engineer might try to do (with a few safeguards to protect participants) security levels were tested in the business district of a large downtown financial center, a hospital, and a university campus. Through the simulation attack, researchers were able to get useful demographic and tactical information from the majority of the victims. In addition, 73% of respondents shared a password with the researchers. Those with recent security awareness training were just as likely as those without to share their passwords with strangers. Results, implications and future directions are discussed [ABSTRACT FROM AUTHOR]

Published

2010

3. Preventing "Social Engineering" Attacks.

Subjects

BANK security, SOCIAL engineering (Fraud), BANK employees, CUSTOMER services

Abstract

The article discusses the prevention of attacks by social engineering in the U.S. banking industry. It notes that bank employees must be aware of not turning over usernames and remote connection settings to unidentified persons. It mentions that access credentials for sensitive customer data must be protected.

Published

2011

4. Securing Insurance for Social Engineering Exploits.

Author

Anderson, Roberta

Subjects

*ACTIONS & defenses (Law), *SOCIAL engineering (Political science), *COMPUTER crimes, *CYBERTERRORISM, *DATA protection, *SOCIAL engineering (Fraud)

Abstract

The article discusses how organizations can protect themselves from social engineering exploits, with reference to the litigation, Aqua Star (USA) Corp. v. Travelers Casualty & Surety Co. of America, No. 2:14-cv-01368 (9th Cir. Apr. 17, 2018). It is said that social engineering exploits have cost U.S. companies billions of dollars.

Published

2018

5. Two Sides of the Same Coin.

Author

TOTTY, PATRICK

Subjects

INTERNET fraud prevention, CREDIT unions, MANAGEMENT, FINANCIAL institutions, SOCIAL engineering (Fraud), INNOVATION adoption, SECURITY systems

Abstract

The article discusses the high risk of fraud and money laundering in credit unions in the U.S. It highlights several types of fraud in the financial institutions including mobile banking fraud, social engineering and social media platforms. It also cites the benefit of learning from security pitfalls in the financial industry.

Published

2017

6. Safeguards in the Age of Social Media.

Author

Cohen, Lon

Subjects

ELECTRONIC funds transfers, PREVENTION of bank fraud, SOCIAL engineering (Fraud)

Abstract

The article discusses the security risks of electronic payment transactions in the U.S. It notes that the combination of a social engineering tactic and the speed and ease of an Automated Clearing House (ACH) transfer enables criminals to devise intricate plans to steal money and have it deposited into bogus accounts. Ryan Patrick of BITS stresses the importance of education to prevent fraud and emphasizes that the people working inside the bank are the biggest risks of fraud.

Published

2010

7. COMPUTER CRACKING: The case of Kevin Mitnick.

Author

Johnson, Laura

Subjects

COMPUTER hackers, SOCIAL engineering (Fraud), COMPUTER crimes, CONSULTING firm standards, SERVICE industries, COMPUTER security

Abstract

The article profiles Kevin Mitnick, the most notorious computer hackers in the U.S. It mentions that Mitnick uses what is known as "social engineering" to accomplish his crimes. He serves four and a half year in prison pre-trial before he agreed to plead guilty to wire and computer fraud. He owns Mitnick Security Consulting LLC, an information security consulting firm based in Henderson, Nevada. He suggests not following his footsteps, noting that there are definitely other roads or other opportunities that people can learn and educate themselves about hacking, security, and pen testing.

Published

2010

8. These simple security threats may be lurking in your office right now.

Author

Poe, Emily

Subjects

COMPUTER security, COMPUTER hacking, SOCIAL engineering (Fraud), CAMERAS, SMARTPHONES

Abstract

The article discusses various security threats that could be lurking in organizations in the U.S. Topics covered include visual or in-person hacking, social engineering, and insider threats. Also mentioned is the use of smartglasses, cameras or smartphones to steal private information from a company.

Published

2014

9. The Savvy and the Sneaky: Social Engineering.

Author

Gagne, Gerald R.

Subjects

DATA security, SOCIAL engineering (Fraud), ACCESS to information, PREVENTION of computer hacking, DISCLOSURE

Abstract

The article focuses on the importance of physical security and clear policies for data security in the U.S. It mentions several social engineering tactics employed by con artists and hackers to access important and confidential information. It offers a checklist on how to protect institutions from social engineering which includes the establishment of a strong information disclosure policy, proper training to avoid dangerous schemes or information, and implementing strong network controls.

Published

2012

10. OPERATIONS TRENDS SOLUTIONS.

Subjects

CREDIT unions, SOCIAL engineering (Fraud)

Abstract

The article offers advice on how to combat social engineering and on how to increase technology and operational efficiency in credit unions in the U.S. Marketing manager David Blazier stresses the significance of giving staff adequate tools such as systematic controls and security awareness training to fight social engineering. Senior vice president of operations Rudy Pereira emphasizes the importance of adopting virtualization and embracing task automation to make technology more efficient.

Published

2010