Cisco Blogs

Cisco Blog > Security

NCSAM Tip #5: Social Engineering Techniques and How to Avoid Them

Today’s NCSAM Tip is on recognizing and avoiding the most commonly used social engineering techniques. The root of the problem is simple enough: people are too trusting of content on the Internet. There is a long promoted perception of community, information sharing, free items, help, and friendliness on the Internet that has lulled many into a false sense of safety or security. Unfortunately, the reality is that just about every “con, scam, grift, hustle, bunko, swindle, flim flam, gaffle, sting or bamboozle” known is alive and well on the Internet. When you more closely examine the social engineering techniques that are used by criminals on the Internet, you see they are often the same or variations of con games and scams that go way back, and that many people are familiar with. This too gives people a false sense of security in that many believe they can identify these malicious attempts to exploit them. But, many tests of these beliefs have shown that most fail.

Instead of looking at the complicated technical details or various techniques themselves, it is easier to see the human factors they are attempting to exploit. Cisco SIO did some research of those human factors commonly exploited in 2010, and included the findings in the Cisco 2010 Annual Security Report. What we found was that regardless of the technical details or specific techniques and variations, the attackers commonly attempted to exploit a short list of human weaknesses:

Read More »

Tags: , , , ,

Social Engineering – the Exploit that Predates Computers

At Cisco we understand that the field of IT has grown considerably over the past few years, reaching the point where even professionals in the industry can have a hard time keeping up with everything that is happening in all areas. With groups like Anonymous and LulzSec taking down some pretty big names, it is clear that there is need for greater awareness of security and some of the issues that make security an interesting but ongoing challenge.

Read More »

Tags: , ,

It Crawled Out of the Sandbox

Security and functionality have lived on opposite ends of the spectrum since the dawn of time. The door with no lock has always been easier to use than something with multiple chains and dead bolts. Of course, the unlocked door has always been easier to open for those who may want to do bad things.

Read More »

Tags: ,

Cisco at RSA 2011

The past year has been an interesting one in IT in general, and security in particular. We have seen the continued growth of Internet traffic, the ongoing rise of the could, the consumerization of IT and the growth of social networks, all making the challenge of delivering secure, reliable, seamless connectivity to increasingly distributed users on a proliferating forest of increasingly diverse devices. With new challenges like government-backed cyberwar efforts such as Stuxnet, hacktivism and not so anonymous DDoS attacks, a big mobility push and an emphasis on telework, IT and security groups have their hands full.

Come join us at RSA 2011 in Moscone Center in San Francisco. The show is running February 14-18 and we are excited to be showing some of our latest and greatest security solutions and technologies at Booth 1717.

Read More »

Tags: , , , ,

Scammers Go Mobile. Read All About It.

Sorry, I couldn’t resist the New York Post headline.

We’re at a very exciting time in our industry. There is a shift underway to mobile devices and cloud computing, both of which have exciting ramifications for unleashing a new wave of productivity in the enterprise. But don’t think that scammers aren’t benefiting off this wave as well. They are also enjoying an increase in productivity.

Read More »

Tags: , , , , ,