Ransomware Social Engineering


1. Target company – ‘ACME’

2. Target company employee – ‘PAT’ – Find a worker from the target company on LinkedIn, preferably an I.T. administrator/engineer/architect, as these personnel are likely to have elevated permissions within the company infrastructure. Such an account will likely have read access to the company directory, such as Active Directory, which can be exported and analyzed to understand account naming patterns and to learn of service accounts and administrative accounts.

3. Social engineer target company employee – Using a recruiter-like profile, reach out to potential employees at the target company with “job opportunities” as bait to encourage the target company employee to relinquish sensitive PII such as personal email address, personal phone number, and resume, which either confirms the personal information or provides additional information such as additional personal phone numbers and email addresses, home address, full name as it appears on resumes, and a detailed list of their work history.

The reason this works is human desire. An enticing job opportunity will have a high rate of success phishing for personal information. If the social engineering goes as far as pretending to submit the candidate for the opportunity, these calls usually end with a confirmation of identity, often 1) birth date and month and 2) the last 4 digits of the SSN. The year someone is born is not hard to find online.

The attacker can generally learn the work email of ‘PAT’ by making a request to the company front desk, stating they need to contact that person for a seemingly valid reason. Email addresses are usually not considered sensitive information for non-executives.

After a brief intro on LinkedIn, the attacker has learned through social engineering:

  • If ‘PAT’ is an active employee of ‘ACME’.
  • If ‘PAT’ is a contractor of ‘ACME’.
  • If ‘PAT’ has the access needed for the attack at ‘ACME’ because they have the resume.
  • If ‘PAT’ is a choice ‘ACME’ account to compromise.
  • ‘PAT’s Work email address
  • ‘PAT’s Full Name
  • ‘PAT’s Personal address
  • ‘PAT’s Personal phone number(s)
  • ‘PAT’s Personal email address(es)
  • ‘PAT’s Detailed work history
  • ‘PAT’s DOB
  • The last 4 of ‘PAT’s SSN

Is ‘ACME’ prepared for the attacker to have all this information?

The attacker calls the IT helpdesk pleading for assistance logging into a new computer. “Normally the username is there… since my old computer won’t start, I can’t verify.” Some may not think twice about confirming a username… the attacker has enough information to make a guess. And if that doesn’t fix the problem… it’s time to try a new password. The attacker has enough information to proactively inform the IT department that they changed their phone #, confirm the old number, then provide a new number for MFA.

What happens now? https://itngen.com
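From the defender's side, the helpdesk sequence described above (username confirmation, then a password reset, then a new phone number for MFA) can be correlated per account. The following is an added example, not part of the original article; the event fields, channel names and the 24-hour window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample identity/helpdesk audit events (not real logs).
# Field names and channel values are hypothetical.
EVENTS = [
    {"ts": "2024-03-04T09:02:00", "account": "pat", "action": "username_confirmed", "channel": "helpdesk_phone"},
    {"ts": "2024-03-04T09:10:00", "account": "pat", "action": "password_reset", "channel": "helpdesk_phone"},
    {"ts": "2024-03-04T09:25:00", "account": "pat", "action": "mfa_phone_changed", "channel": "helpdesk_phone"},
    {"ts": "2024-03-04T11:00:00", "account": "lee", "action": "password_reset", "channel": "self_service"},
    {"ts": "2024-03-01T08:00:00", "account": "sam", "action": "password_reset", "channel": "helpdesk_phone"},
    {"ts": "2024-03-05T16:00:00", "account": "sam", "action": "mfa_phone_changed", "channel": "helpdesk_phone"},
]

# Both of these, helpdesk-assisted and close together, replace every
# authentication factor on the strength of a caller's say-so.
RISKY = {"password_reset", "mfa_phone_changed"}
WINDOW = timedelta(hours=24)  # assumed correlation window


def flag_helpdesk_takeover_pattern(events, window=WINDOW):
    """Return {account: [actions]} for accounts where a helpdesk-assisted
    password reset and MFA phone change fall within `window` of each other."""
    by_account = {}
    for e in events:
        # Self-service changes are gated by an existing factor; skip them.
        if e["channel"].startswith("helpdesk"):
            by_account.setdefault(e["account"], []).append(
                (datetime.fromisoformat(e["ts"]), e["action"]))

    flagged = {}
    for account, items in by_account.items():
        items.sort()
        # Slide a window starting at each event and look for both risky actions.
        for i, (start, _) in enumerate(items):
            in_window = [a for t, a in items[i:] if t - start <= window]
            if RISKY <= set(in_window):
                flagged[account] = in_window
                break
    return flagged


if __name__ == "__main__":
    for account, actions in flag_helpdesk_takeover_pattern(EVENTS).items():
        print(f"review {account}: {' -> '.join(actions)}")
```

An account flagged this way is a candidate for out-of-band verification with the employee's manager or a previously registered contact before the new MFA number is honored.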
