Why go to all the trouble of breaking into an online account when you can just ask for the keys?
While security experts released new password recommendations this summer, legions of hackers long ago realized that getting into a victim’s email or iCloud doesn’t require keyloggers, zero days, or USBs pre-loaded with malware. Nope, it’s much easier than that.
All it takes is a little charm.
Welcome to the world of social engineering, where those looking gain access to protected places (be they physical or digital) talk, bluff, confuse, or trick their way past the gatekeepersSocial-Engineer, Inc., a security company that specializes in helping corporations prepare for this sort of attack, defines the technique as “any act that influences a person to take an action that may or may not be in their best interest.” Read more…