Social engineering has for a while now been cyber attackers’ best bet to enter systems and compromise accounts when actual hacking doesn’t work, or when they simply don’t want to waste much time getting in.
At this year’s edition of Hack In The Box Conference in Kuala Lumpur, Ruhr University Bochum researcher Ashar Javad’s demonstrated the possibilities offered by Facebook’s “Lost my password” / trusted friends feature. His rather extensive presentation also contained a section on several attack vectors related to social networks that should be impossible to use by now.
He created a fake account (the victim) on a number of different social networks and tried to get customer support representatives to give the attacker (in this case him) full access to the victim’s account. He attempted this by sending them an e-mail from a totally different email address than the one with which he registered the account in the first place.
SOURCE: net-security.org
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…
“Cybersecurity is increasingly complex, in part, due to the interconnected…
“Unfortunately, time and time again we see NGOs, hospitals and…
As I have always said - it is verified trust…