Social engineering has for a while now been cyber attackers’ best bet to enter systems and compromise accounts when actual hacking doesn’t work, or when they simply don’t want to waste much time getting in.
At this year’s edition of Hack In The Box Conference in Kuala Lumpur, Ruhr University Bochum researcher Ashar Javad’s demonstrated the possibilities offered by Facebook’s “Lost my password” / trusted friends feature. His rather extensive presentation also contained a section on several attack vectors related to social networks that should be impossible to use by now.
He created a fake account (the victim) on a number of different social networks and tried to get customer support representatives to give the attacker (in this case him) full access to the victim’s account. He attempted this by sending them an e-mail from a totally different email address than the one with which he registered the account in the first place.
SOURCE: net-security.org
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…