Social Engineering Emergency Responders
ThreatLevel: An example of leveraging open social systems to collect intelligence from people who are generally not trained for INFOSEC and usually don’t think in terms of security:
Someone is staging social engineerings attacks against emergency responders in a mysterious effort to wheedle sensitive information from them, according to a DHS information-sharing center:
“The Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) continues to receive information regarding instances within the Emergency Services Sector (ESS) of social engineering by telephone, electronic mail, chat rooms, bulletin boards, and face-to-face. Social engineering is a method of fraudulently gaining access privileges to an organization’s sensitive information and assets by querying personnel over the communications media identified in the preceding sentence.”
Sign up for my newsletter.