The Art of Deception: Controlling the Human Element of Security - Kevin D. Mitnick [176]
information technology
computer administration
computer operation
help desk
management
data classification
information disclosure
phone administration
physical security
receptionist
review and updating of
telecommuter
verification and authorization procedures
power company case study
pretexter
Primary Rate Interface ISDN (integrated services digital network)
Private data classification
private investigator
privilege, access
privileged account
proxy server
psychological triggers
Public data classification
pwdump3 tool
Q
questions
anticipation of
burying key
test
R
radio system case study
rank, respect for
RAT (Remote Access Trojan)
Recent Change Memory Authorization Center (RCMAC)
receptionist
policies for
social engineering attacks on
reciprocation
reminders, security
remote access
Remote Access Trojan (RAT)
remote command shell
removable media
reporting, security incidents
requests
for action, responding to
for information
revenge
reverse lookup
reward program
Rifkin, Stanley Mark (social engineer)
risk assessment
role-playing, in training
S
salary, discovery of
scarcity, tendency to comply and
screen saver password
screen shots, capture
script kiddies
Secure HTTP
Secure ID
secure sockets layer (SSL)
security
candy
codes
through obscurity
speakeasy
terminal-based
security guards
predictability of
social engineering attacks on
training
Sensitive data classification
server
dial-up access number for
disclosing
locating
proxy
service providers, accounts with
shoulder surfing
shredders
signature card, bank
silent install
social engineering
head-hunter use of
methods, common
by parents
reverse
success rate of attacks
technology combined with
terrorist use of
See also attack, social engineering
social engineers
deception by
gender of
lingo knowledge, importance of
people skills of
rank, exploitation of
Social Security Administration case study
social security number
social validation
software
antivirus
authentication
downloading or installing
enumeration
malicious (malware)
silent installation
source code, obtaining
spyware
surveillance
transfer to third parties
Trojan Horse
source, burning of
source code, obtaining
speakeasy security
SpyCop
spyware
SSL (secure sockets layer)
sting, reverse
storage, on-line
storage facility, attack on
stranger, cooperation with
student records, as target
switch, telephone
sympathy, exploiting
system administrator privileges
T
technical support requests
telecommuters, policies for
terminal
terrorists, deception and
Test Number Directory
thin client
token, time-based
traffic ticket, beating
training
according to job profile
to challenge authority
cleaning crews
content of program
employees to be included in
establishing a program
goals
motivating employees
necessity for
new employees
ongoing
on password security
role-playing in
security guards
security reminders, use of
structure
support for programs
testing
See also awareness program
trash
keys to wisdom regarding
policy
searching
Trojan Defense Sweep
Trojan Horse
trust
abuse of
building
credibility and
of strangers
wise use of
Trusted Person
turning-the-tables case study
two-factor authentication
U
Unverified Person
V
validation, social
vandals, computer
vendor requests
verification
of employment status
guidelines
of identity
line
methods
necessity of
of non-employees, criteria for
phone call for
procedures
training to obtain
vouching, third-party
video rental store case study
virus. See also antivirus software
visitors
voice mail