The Robin Sage saga – social engineering at its finest

The Robin Sage story broke in early July and I am late in getting to it. I was going to skip it, but it’s such a good story, I wanted to note it. The Dark Reading version is quite detailed.

The key though is straightforward – people accepted invitations from someone they did not know. It’s that simple. This is a type of “inside-out,” social engineering attack vector which has become the primary method of cyber criminals. Why bother with the traditional “outside-in” attack on network device or endpoint software vulnerabilities when all you need to do is lure the victim to a malware-laden web page.

Running a Robin Sage type of “experiment” in your organization should be part of your security awareness training program.

About Cymbel

Specialists in information security. Helping organizations secure their networks and mitigate the risks of modern threats.

Speak Your Mind