Chapter 11. Combining Technology and Social Engineering
a social engineer lives by his ability to manipulate people into doing things that help him achieve his goal, but success often also requires a large measure of knowledge and skill with computer systems and telephone systems.
Here's a sampling of typical social engineering scams where technology played an important role.
HACKING BEHIND BARS
What are some of the most secure installations you can think of, protected against break-in, whether physical, telecommunications, or electronic in nature? Fort Knox? Sure. The White House? Absolutely. NORAD, the North American Air Defense installation buried deep under a mountain? Most definitely.
How about federal prisons and detention centers? They must be about as secure as any place in the country, right? People rarely escape, and when they do, they are normally caught in short order. You would think that a federal facility would be invulnerable to social engineering attacks. But you would be wrong—there is no such thing as foolproof security, anywhere.
A few years ago, a pair of grifters (professional swindlers) ran into a problem. It turned out they had lifted a large bundle of cash from a local judge. The pair had been in trouble with the law on and off through the years, but this time the federal authorities took an interest. They nabbed one of the grifters, Charles Gondorff, and tossed him into a correctional center near San Diego. The federal magistrate ordered him detained as a flight ...
Get The Art of Deception: Controlling the Human Element of Security now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
