Quantcast

Articles

Get all-in-one coverage of Internet security and online privacy issues brought up by the industry’s leading experts at security conferences and seminars.

Social Engineering Defense Contractors on LinkedIn and Facebook 6: Preventive Measures

In conclusion, Jordan Harbinger tells a few stories from his past experience to underscore the weakest human component in information security chain. Solutions So, the solutions are obvious, right? Training: sure, you got policies with respect to social media in your company, and you’ve got this classified...

Social Engineering Defense Contractors on LinkedIn and Facebook 5: Tactic for Eliciting Private Data

Having obtained basic data on the targets, Jordan Harbinger makes a bold move to get their almost intimate details by applying more advanced social engineering. Step 6: [Hypothetically] Elicit classified info Now that I have tons of information about the company, the facilities and how things work from the...

Social Engineering Defense Contractors on LinkedIn and Facebook 4: Executing the Attack

Jordan Harbinger highlights the use of social engineering while carrying out the attack, and provides the specific data he managed to retrieve via such tactic. Step 5: Execute the attack So, I added a bunch of my targets on Facebook and I was able to get the privacy settings down so that if I added a few...

Social Engineering Defense Contractors on LinkedIn and Facebook 3: Associating with Targets

This part is about the strategy Jordan Harbinger implemented to get in touch with targets and learn their additional personal details for a successful attack. Step 3: Associate and gain rapport with targets So, now I was in and it was time to see what I could dig up. I want to make sure that I get something...

Social Engineering Defense Contractors on LinkedIn and Facebook 2: Selecting the Targets

The next phase of Jordan Harbinger’s social engineering study involves joining the environment with potential targets who have top secret level clearances. The question is: was this just some face-to-face magic that social engineers, or myself, can work in person that was getting this type of result, or is...

Social Engineering Defense Contractors on LinkedIn and Facebook

Jordan Harbinger, expert in interpersonal dynamics and social engineering, gives a great keynote at DerbyCon event, highlighting the methods it takes to elicit confidential information from people with top secret level security clearance. Thank you guys for coming to DerbyCon, aka EarlyCon, aka HangoverCon...

PharmaLeaks 4: Spamming Techniques and Payment Service Providers

In his presentation’s final part, Damon McCoy dwells on the spamming strategies used by pharma affiliates, and breaks down the costs online pharmaceutical networks have to bear. Strategies for Spamming Now that we’ve looked at some general numbers on affiliates, let’s look at some of the top earning...

PharmaLeaks 3: Customer Acquisition and Affiliate Statistics

Damon McCoy highlights the customer influx trends and basic characteristics of the affiliates operating within the three major online pharmaceutical programs. Now that we’ve looked at product demand and demographics, let’s take a look at how these programs attract new customers (see graph). On the Y...

PharmaLeaks 2: Demographics and Revenue Structure for GlavMed, SpamIt and Rx-promotion

In this entry, Damon McCoy provides results of the study about customer base, products and revenue structure of major online pharmaceutical affiliate programs. In previous studies, a lot of people, including our group, have inferred just small little parts of these online businesses. And it’s always been...

PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs

Damon McCoy, Assistant Professor at George Mason University’s Computer Science Department, gives a great presentation at USENIX Security Symposium dissecting the business model of spam-driven online pharmaceutical industry. I am going to be presenting our work on PharmaLeaks, or as I like to call it:...