Prevent unwanted computers from connecting to your wireless network

 
Contact  |  Sitemap  |  Language:

Managers under attack

Managers under attack - Middle management and executives have become primary targets when performing social engineering tasks against companies. Why is that? One of the key things is that managers in general have more privileges and therefore often wider access rights to company systems. The other thing is that management have a better overview of the company and often tend to use that to delegate or send incoming contacts directly to other employees.


It is fairly easy to get in contact with management, much easier than regular employees. Mangers can get contacted when hiring personal, for comments to news papers and other statements. All contacts is a potential social engineering attack.


Managers have been contacted with accusations from consumers complaints organizations, claming the company have acted wrong and therefore need to make up for it by responding to the complaining customer. To help the manager to respond a response URL (web link) is attached to an email and when clicked on the manager can answer to the complain and will be informed that the matter now is completed. But what really happened is that his computer got infected and a Trojan now is active on the managers computer, with the managers access privileges and will be able to log keystrokes gathering passwords and do all kinds of things.


Solution

Get rid of organization charts showing name, position and photos on the company public web site.


Educate managers in handling external contacts by regular training.


Never answer accusations immediately - Always consult fellow managers and legal personal prior to answering complaints.


Be careful when using social networks like FaceBook - Social network are opened to anyone. Do not reveal personal information, former work positions or anything.


Read more on this topic

1.   SOCIAL ENGINEERING - Managers under attack

Social engineering attacks focusing on managers.

They have more privileges and knowledge about company systems.

 NEXT

2.   SOCIAL ENGINEERING - How to deal with public information

Someone calls you up at work and asks you for company public information.

You think this is OK but who is calling?

3.   SOCIAL ENGINEERING - Open after lunch

You are just back from lunch and holding up the company front door.

Who is that guy talking in his cellphone?

External Links

Three basic steps to help you create a culture of security

You must make employees and management aware of the importance of security...
/Tech Republic.com

Network Intrusion Detection Software

Free to try

Price: $59 USD

Free to try

Price: $131 USD

Register to keep posted

Register to receive LANeye email news.
To register, download and install LANeye. From within the program, use the registration dialog.


TELL A FRIEND ABOUT LANeye
Copyright © 2003-2014 ProPrat, Stockholm Sweden  |  www.proprat.com  |