a tale of social engineering

Very interesting tale of social engineering at DarkReading.com:

I entered the bank lobby and was immediately greeted by a woman in a small glass-paneled workspace. I mentioned we called earlier, dropped the contact's name, and indicated I was here to service the copier/printer. Without hesitation I was escorted to the machine and left unattended. To make it appear as if I were working on the device, I opened every panel on the machine, pulled all the trays out, and placed my laptop on the glass surface of the copier/printer.

I was approached by a few people who needed to make copies, I apologized for the inconvenience and said the machine might be down for 30-40 minutes. I then disconnected the network cable from the copier/printer and attached my laptop. As soon as my laptop booted up, DHCP provided a network address and I was on the internal network. I started a few of our utilities and started sniffing the traffic on the network.

Tags: 

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
To prevent automated spam submissions leave this field empty.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.