As a partial defense against this type of social engineering, a company I once worked for arranged to publish some fake entries in the company phone list, with extensions that rang through to HR. The extensions were at the beginning of our block. If the phone list got into the wrong hands, the fake people would be called. Or if a recruiter started working their way through the company, the fake people would be called. Either way, this gave HR a quick heads-up that we were being "hacked".

A few got through. My favorite was "Hi, this is <mummble> in accounting. We need to verify your position, manager, and salary." That tends not to work well when your company is 50 people under the same roof.

In reply to Re: Security: Technology vs Social Engineering by dws
in thread Security: Technology vs Social Engineering by chunlou

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.