- Social Networking: The Use of Fake or Fraudulent LinkedIn Profiles
Fake LinkedIn profiles have been used in targeted attacks to establish contact with employees and in bank guarantee scams. Security researchers like Thomas Ryan demonstrated how easily fictitious...
- Malware: The Use of Social Engineering by Mobile Device Malware
Mobile malware spreads primarily through social engineering rather than exploits. Techniques include disguising trojans as legitimate apps (DroidDream looked like "Super Guitar Solo"), directing...
- Malware: Learn Better Security Breach PR from Herald Sun's Halfhearted Apology
Herald Sun's website was compromised to serve rogue antivirus, but their brief apology offered few details and underplayed the risk. Better post-incident communications require promptness, clarity,...
- Malware: Reflections Upon Deception-Based Security Tactics
Deception tactics for IT defense include network honeypots to detect lateral movement, host-based decoys like fake files and slow service emulators, and endpoint approaches that fool evasive malware...
- Malware: A Delusive Sense of Security in Walled Gardens
Walled gardens like Facebook, corporate networks, and smartphone app stores encourage users to lower their guard, creating false security assumptions that scammers exploit. People click more readily...
- Malware: 6 Ideas for a Protean Information Security Architecture
Protean security architecture uses deception to complicate attackers' jobs asymmetrically—opening fake ports redirected to honeypots, deploying honeytokens mimicking applications, using DNS...