of course, you cannot check that unless you know their (root/admin) password. java/windows update notifications in system tray) - in few minutes they will let you use their computers in order to check if they've been already infected. at this point that would be a crypto virus) and associate that threat with some normal computer behavior that they experience every day (i.e. In (smaller) companies you just need to present yourself as "a relevant IT security expert" and tell them a few terrifying stories about some current IT threat that they've probably heard about recently (i.e. If you need your neighbors wireless password, just tell his kid that you both need to use the same password in order to have double as fast internet as now. Nothing beats social engineering - NOTHING! Maybe not "us" (as IT pros or at least wannabe-it-pros) - but most of "the rest" will tell you their password. ![]() Typically, you should just ask people for their passwords - and they tend to tell you if you use the right tone of voice.
0 Comments
Leave a Reply. |