ITBusinessEdge: SMBs Vulnerable To Social Engineering Exploits
SMB columnist Paul Mah discusses the risks inherent in not training employees to identify social engineering exploits designed to extract information for use in computer system hacking.
“Studies in the past have already shown SMBs to be lacking when it comes to security training. Should this be translated into a deficit in general security awareness, however, the situation becomes exploitable by social engineering to carve holes in even the most robust IT defenses like a hot knife through butter.
In fact, social engineering was actually used as part of Operation Aurora (aka The Google Hack) to determine working relationships between company staffers. This allowed the hackers to craft spoof e-mails with a much higher chance of tricking users into visiting a malware site. When you get down to it, the perpetuators could have learned of Google’s use of Internet Explorer 6 through social engineering, too.”
