Social Engineering Emergency Responders

ThreatLevel: An example of leveraging open social systems to collect intelligence from people who are generally not trained for INFOSEC and usually don’t think in terms of security:

Someone is staging social engineerings attacks against emergency responders in a mysterious effort to wheedle sensitive information from them, according to a DHS information-sharing center:

“The Emergency Management and Response—Information Sharing and Analysis Center (EMR-ISAC) continues to receive information regarding instances within the Emergency Services Sector (ESS) of social engineering by telephone, electronic mail, chat rooms, bulletin boards, and face-to-face. Social engineering is a method of fraudulently gaining access privileges to an organization’s sensitive information and assets by querying personnel over the communications media identified in the preceding sentence.”

Sign up for my newsletter.

Leave a Reply

Your email address will not be published. Required fields are marked *