ZDNet UK / News and Analysis / Workspace IT / Desktop Apps

How to outsmart the silver-tongued hacker

By Brien M Posey, TechRepublic, 28 April, 2003 16:50

Daily Newsletters

Sign up to ZDNet UK's daily newsletter.

Topics

Passwords, Social engineering, Security

New twist to an old scheme I am also starting to see more subtle uses of social engineering that rely on traditional hacking techniques and the popularity of the Web. For example, a bank was a recent victim to one such social engineering scheme. The hacker registered an Internet domain name that was very similar to the bank's real domain name. Next, the hacker created an official looking form and telephoned bank employees to tell them there was going to be a change to their benefits package and that they needed to go to this particular Web site and fill out the new benefits form. The hacker then told them that the Web site required authentication and to simply enter their normal logon name and password. Of course, the Web site was not actually performing authentication. Instead, the supposed authentication mechanism was nothing more than a Web form that collected usernames and passwords and entered them into a database. All the hacker then had to do was to examine the databases contents to retrieve usernames, passwords, and other personal information. Windows XP remote assistance scheme Yet another new social engineering stunt involves exploiting Windows XP's remote assistance. It involves someone claiming to be from the IT department asking an employee if he can connect to the computer via remote assistance for the purpose of loading a security patch. After the connection is made, a spyware module is loaded onto the machine. The spyware module then collects username and password information and e-mails which it transmits to the hacker. The beauty of this technique is that the hacker never has to ask for a password. Instead, the user actually lets the hacker work on his machine by remote control. Since the user never actually sees the hacker's face, the hacker's identity is protected, especially if specific path routing is used. Specific path routing is a technique by which a hacker can direct the path of a TCP/IP connection between him and his victim. This technique is often used to obscure the hacker's true IP address or geographic location. Other schemes that have traditionally been done over the phone are now starting to show up in instant messaging and in IRC-based chats. According to Internet security Web site CERT, this exploit commonly involves tricking the user into downloading either a spyware module or a module that can be used by the hacker in a distributed denial of service attack. One particular message that is sometimes used to trick people into downloading these malicious programs is, "You are infected with a virus that lets hackers get into your machine and read your files, etc. I suggest downloading [malicious filename] and cleaning your machine. Otherwise, you will be banned from the IRC network." To prevent situations like this, I recommend installing ViRobot from Hauri onto everyone's machines. [Editor's Note: obviously, before you do this you must convince yourself that Brien Posey and ZDNet are not social engineers.] If ViRobot is running, users can rest assured that they don't have a virus, plus ViRobot is designed to spot various hacker tools that could have been installed through this or other similar exploits. What you can do Many companies are becoming aware of the risks of new social engineering techniques and have begun to develop policies designed to combat them. One of the most widely publicised examples of such a policy is the way AOL tells its customers that no customer support representative will ever ask them for their password. Unfortunately, there are countless other techniques available to the hacker. The only real defence against them is to use strong passwords and to educate your users about the different types of schemes, warning them especially about the hidden dangers of innocent conversation.
For a weekly round-up of the enterprise IT news, sign up for the Enterprise newsletter. Tell us what you think in the Enterprise Mailroom.

Related stories

Security -- can you afford NOT to outsource it?

Is it boom time for IT security?

Strong passwords a must for web apps

Bing plumbs Facebook posts into search results

Mozilla accuses Microsoft of shutting Firefox out of WOA

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your ZDNet UK account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ

Get ZDNet UK's daily newsletter

Enter your email address to sign up

ZDNet UK Live

Chris Wortman

Good I love Yahoo! Their search engine is getting better than Google as of late. I find more of what I want on the first page, and usually within...

22 minutes ago by Chris Wortman via Facebook on Linux Mint 13 ramps up for KDE release
PatrickG

openhgs has made the point for Windows 8 multiple monitors without realising it! With Windows 7 you have to switch the mouse and so your focus...

2 hours ago by PatrickG on Windows 8 could speed multi-monitor uptake
Leslie Satenstein

Mozilla has threatened to stop supporting Linux. I guess that UBUNTU is going with another browser. I indicated that if Mozilla stops supporting...

4 hours ago by Leslie Satenstein via Facebook on Firefox rapid release improves Fedora Linux
Andy Bolstridge

Much as I abhor Microsoft's licensing practices, this is almost certainly down to purchasing IT equipment via 3rd party consultants - you get the...

4 hours ago by Andy Bolstridge via Facebook on 6 million wasted licences and £1,200 PCs: welcome to government IT
Jack Schofield

@openhgs Windows users have had multiple desktops since Linus started writing Linux. They just haven't shipped as standard because not enough...

20 hours ago by Jack Schofield on Windows 8 could speed multi-monitor uptake
Jack Schofield

@Phil at Cloud4 What, Microsoft gets £1,200 per PC and £1,622 per server? Gosh, I'm amazed....

20 hours ago by Jack Schofield on 6 million wasted licences and £1,200 PCs: welcome to government IT
craigsc

You guys have no idea what is going on at Autonomy. Autonomy could have been a much more profitable organization. The sales operations at Autonomy...

22 hours ago by craigsc on HP cuts 27,000 staff as Autonomy chief Lynch leaves
Moley

How does this impact on dual or multi booting? Seems to me to more or less prohibit this, from Windows 8 anyway. Will Grub 2 recognise Windows 8,...

22 hours ago by Moley on Windows 8 start-up speed forces USB boot workaround
apexwm

I don't understand why there cannot be a slight pause during the boot process so the user can press a key. Many operating systems do this, even if...

23 hours ago by apexwm on Windows 8 start-up speed forces USB boot workaround
Gavin Goodman

You can now buy the Xi3 modular computer in the UK at http://www.ocdistribution.com . This can be bought with the Tand3m software, pricing and...

24 hours ago by Gavin Goodman on CES 2012: Xi3 microSERV3R
Phil at Cloud4

I agree: Mike Lynch can clearly build a business and manage strategy. I suspect the exit of Mike is more likely the end of a planned handover...

1 day ago by Phil at Cloud4 on HP cuts 27,000 staff as Autonomy chief Lynch leaves
Phil at Cloud4

This is unbeleivable government wastage with only one winner... Microsoft 1 - Tax payer Nil!

1 day ago by Phil at Cloud4 on 6 million wasted licences and £1,200 PCs: welcome to government IT
Mispam

So what do you do when you can't boot into windows? Why can't I just hold Shift while I power up instead of having to boot into windows and click a...

1 day ago by Mispam on Windows 8 start-up speed forces USB boot workaround
apexwm

I've also seen that Mac OS X for Intel machines is supposed to run in VirtualBox, which would also be a nice solution. I've never tried it though.

1 day ago by apexwm on xTreme Triple Booting: Linux, Mac & Windows
dave heasman

What I wonder is why when companies are caught bang to rights in not providing contracted services, people bend over to smear the customers? Surely...

1 day ago by dave heasman on Virgin throttles broadband for high-speed customers
pjc158

Strange statement from HP regarding Mike Lynch and not capable of scaling a company. Autonomy was a $7bn purchase which started as a small company...

1 day ago by pjc158 on HP cuts 27,000 staff as Autonomy chief Lynch leaves
lojolondon

Or - possibly, they will destroy business by ensuring people do not invest where there is no return. Another socialist idea, well beyond it's...

1 day ago by lojolondon on Open Data Institute will act as biz incubator
J.A. Watson

Good stuff Jake, very interesting. Thanks. jw

1 day ago by J.A. Watson on xTreme Triple Booting: Linux, Mac & Windows
openhgs

"the cost of a second LCD screen is about the same as one day of an office worker's time, so this should soon be recouped in extra productivity."...

1 day ago by openhgs on Windows 8 could speed multi-monitor uptake
Thomas Gellhaus

I also installed the KDE version; I also will probably try out razorqt since I really haven't had a chance to before. I'm looking forward to the...

2 days ago by Thomas Gellhaus via Facebook on Mageia 2 Released

Latest in Desktop Apps

Bing plumbs Facebook posts into search results

Mozilla accuses Microsoft of shutting Firefox out of WOA

Firefox 12 brings in automatic updates

Featured white papers

Email security: A comparison of the major players

Mimecast

Email security: A comparison of the major players

This guide from Mimecast considers why email security is essential, who the major players are and their strengths and... Read more

Great British computers: A ZDNet UK retrospective

ZDNet UK

Great British computers: A ZDNet UK retrospective

Would you believe the first ever business computer totted up the price of cakes, bread and pies? You would if you knew it was operated by a British tea-shop company. Take a trip down computing memory lane with this guide to great British... Read more

Seven Keys to Making or Breaking Your Exchange Infrastructure

Quest Software

Seven Keys to Making or Breaking Your Exchange Infrastructure

Are you getting maximum performance out of your Exchange infrastructure? This white paper looks at seven key aspects of controlling an Exchange email... Read more

Inside ZDNet UK

Indoor navigation coming to a mobile near you soon

Indoor navigation coming to a mobile near you soon

Software with everything

Software with everything

Asus Transformer Pad TF300T

Asus Transformer Pad TF300T

How IT is ganging up on organised cybercrime

How IT is ganging up on organised cybercrime

HTC One V: First take

HTC One V: First take

SharePoint deployment: The final chapter

SharePoint deployment: The final chapter

Ten IT jobs to save up for those rare lulls

Ten IT jobs to save up for those rare lulls