Social engineering is the use of deception to manipulate individuals into disclosing sensitive information that may be used to compromise a network, infiltrate an organization, gain access to trade secrets, as part of a cyberstalking campaign, or in furtherance of an espionage operation.
Bleeping Computer regularly reports on social engineering attacks such as one that was discovered last month and involved a fake adult website. Earlier this month a social engineering attack involving Microsoft Edge was also exposed.
Another social engineering case that received a lot of attention between 2015 and 2017 revolved around Crackas With Attitude (CWA). One of the crew, Justin Liverman, received five years in prison, despite the fact that he hadn’t actually hacked any accounts himself. He had also agreed to a plea deal. Sentenced by Judge Gerald Bruce Lee in the Federal Court of the Eastern District of Virginia, the judge admonished the group for the chaos unleashed: “Your intent was clear, and that was to wreak havoc.”
According to an affidavit filed, the group didn’t gain access into the restricted accounts by way of hacking. Instead, they used social engineering and impersonated their targets and various IT support personnel, purporting to help the victims. Ars Technica reported that, “on October 11, 2015, one of the suspects allegedly accessed the account belonging to Brennan by posing as a technician from Verizon. The suspect then tricked another Verizon employee into resetting the password for Brennan’s Internet service. Prosecutors said the suspects went on to take over a…