Notable social engineers
California police departments investigating red light violations
More than 30 California police departments mail out
fake red
light camera "tickets," also called "Snitch Tickets," in an effort to
bluff registered owners into revealing the identity of the person who
was driving the vehicle at the time of the alleged violation. Because
these "tickets" have not been filed at court, they carry no legal weight
and (in the US) the registered owner has the right to remain silent and
is under no obligation to respond in any manner. In California, a
genuine ticket will bear the name and address of the local branch of the
Superior Court and direct the recipient to contact that Court, while a
fake "ticket" generated by the police will not.
[13][14][15][16]
Kevin Mitnick
Reformed computer criminal and later security consultant
Kevin Mitnick
points out that it is much easier to trick someone into giving a
password for a system than to spend the effort to crack into the system.
[17]
Badir Brothers
Brothers Ramy, Muzher, and Shadde Badir—all of whom were blind from
birth—managed to set up an extensive phone and computer fraud scheme in
Israel in the 1990s using social engineering, voice impersonation, and
Braille-display computers.
[18]
Archangel
The
white hat hacker, computer security consultant, and writer for Phrack Magazine,
Archangel
(nicknamed "The Greatest Social Engineer of All Time") has demonstrated
social engineering techniques to gain everything from passwords to
pizza to automobiles to airline tickets.
[19][20][21][22][23]
Steve Stasiukonis
Security Consultant for Secure Network Technologies. Inventor of the
USB thumb drive test where USB sticks contained exploits to test if
employees would run them from within their business environments. This
attack is now one of the most popular social engineering techniques in
existence and is used to test the human element of security around the
world.
JB Snyder
Principal Consultant for Bancsec, Inc., and one of the world's top
experts in banking cybersecurity, developed and proved in over 50 U.S.
bank locations "the most efficient social engineering attack in
history." This attack vector, primarily utilizing email, allows a social
engineer to make unauthenticated, unauthorized, large cash withdrawals
from bank branches
[24]
with an extraordinarily high success rate (over 90%) while enjoying low
probabilities of immediate detection or subsequent incarceration. Among
his other successful bank social engineering test accomplishments is
wire transfer through a combination of emails and telephone pretexting.
Mike Ridpath
Security consultant for IOActive, published author, and speaker. Emphasizes techniques and tactics for social engineering
cold calling.
Became notable after his talks where he would play recorded calls and
explain his thought process on what he was doing to get passwords
through the phone.
[25][26][27]
Others
Other social engineers include
Frank Abagnale,
David Bannon,
Peter Foster,
Mehdi Zilaoui, and
Steven Jay Russell.
No comments:
Post a Comment