In the first part of this article series, we discussed why it is so important to protect your business data, including the first two steps in the protection process. Once you have resolved the underlying human issues behind data theft, the remaining five steps will help you begin protecting the technological weaknesses common to many businesses.
Businesses often make social engineering (or fraud) training boring! And that’s bad for your bottom line, because no one ends up remembering how to protect your organization against threats like data theft, corporate espionage or social networking exposure.
Too often, fraud and social engineering workshops cover just the concepts that define fraud rather than the feelings that signal it’s actually in process at the moment. The key to training your executives, employees and even customers on fraud is to let them experience what it feels like to be conned. In other words, they need to actually be socially engineered (manipulated into giving away their own private information) several times throughout the training so that they begin to reflexively sense fraud as it is happening. Like learning to throw a ball, there is no substitute for doing it for yourself. Fraud detection is similar; it takes actually doing it (or having it done to you) to fully understand the warning signs. Anything less will leave your audience yawning and uneducated.
Quoted from the original CSO Online story:
Two more social engineering scenarios demonstrate how hackers still use basic techniques to gain unauthorized access, and what you can do to stop them
By Joan Goodchild, Senior Editor
May 27, 2010 —
John Sileo, an identity theft expert who trains on repelling social engineering, knows from first-hand experience what it’s like to be a victim. Sileo has had his identity stolen—twice. And both instances resulted in catastrophic consequences.
The first crime took place when Sileo’s information was obtained from someone who had gained access to it out of the trash (yes, dumpster diving still works). She bought a house using his financial information and eventually declared bankruptcy.
“That was mild,” said Sileo, who then got hit again when his business partner used his information to embezzle money from clients. Sileo spent several years, and was bankrupt, fighting criminal charges.
Mark Zuckerberg, CEO of Facebook, was interviewed just last week by Mike Arrington, co-founder of TechCrunch. They discussed privacy and how Facebook is looking to move forward in the future. Zuckerberg made some really interesting comments on Facebook, but I think the most prevalent to Identity Theft would be what he said on the progression of information sharing.
“People have really gotten comfortable, not only sharing more information and different kinds, but more openly and with more people.”
Zuckerberg also said that when Facebook began most people thought: why would I put any information on the internet at all? Now most users don’t think twice about privacy before making posts. Due to the Privacy changes Facebook made in December, your name, profile picture, gender, current city, networks, Friends List, and all the pages you subscribe to are now publicly available information on Facebook. Many people feel that this is a contradiction to what Zuckerberg had said before — that Facebook privacy controls are “the vector around which Facebook operates.” With more than 350 million users on Facebook, privacy is more important than ever.
Get monthly strategies and tips for protecting yourself and your business delivered right to your Inbox. Signup now and you'll immediately receive John's 7 Survival Strategies for Starving Data Spies!
Call us today at 303.777.3221 or 1.800.258.8076
The Sileo Group, Inc. | 381 S. Broadway | Denver, CO 80209 USA
© 2024 The Sileo Group, Inc. All Rights Reserved. Legal Information. Sitemap.
