I spend a lot of time and effort attempting to keep people safe in the digital age. Whether it's on a professional level at my job or through my writing or social media, to me it's important that everyone is as safe as they can be, knowing that nothing is 100% foolproof. Part of what I do professionally is keeping computer systems safe, and even I have had to go through the pains of wiping everything from my computer and starting from scratch more than a couple times. It happens. Even to the nerd elite.
So when someone brings me their machine or reports some sort of issue, I know it's going to be one of a few things - (1) a virus, (2) malware/scareware or (3) phishing scams. But these are all software methods with the aim of destruction or data theft. Sometimes, especially with scareware, someone's looking for the user to give up a credit card number, a user name or password, account numbers of any kind, hell, even social security numbers. The reason is that any combination of these things can be pieced together enough for someone to pass themselves off as you. And once that happens, your digital life can be reduced to ruins. Accounts or credit cards can be opened in your name, and you can wave bye-bye to your credit, your money, or even your good name. There are a lot of snippets of code or scripts or SQL injections (and blah blah the list goes on) that can do this to you. But in my experience, knowing what I know and having had to help people protect against it, I've found that there's one tool that works better than all of the above combined, and that's social engineering. Low tech compared to software hacks, but highly efficient. I wrote a bit a while ago on the topic concerning RSA a while ago if you want some details, but I'll nutshell the concept for you - social engineering means hacking people, not machines.
It's a fancy way of saying "tricking people into giving up information." And attempts have been made on all of you, whether you know it or not.
Article comments