RSS
Social Engineering 101: Focus On Informal Conversations
from the just-don't-promise-to-protect-the-info dept
In the past, we've covered plenty of stories about social engineering to get people to admit stuff they shouldn't -- suggesting you really just need to ask people to give up personal info and they will (sometimes giving them a gift helps, but just asking alone will often do the trick). The latest study does go a little deeper, however, suggesting that the more informal the setting, the more likely people are to cough up info. For example, it found that when those asked for confidential information were promised that it wouldn't be misused they were less likely to hand over the info. Instead, if there were no promises about what would be done with the info at all, people felt that it was more informal and were more willing to give up the info. Another experiment asked people to reveal "bad" activities to a website. In one test, the website was made to look like a university website, and in another an informal site with the title "How BAD are U??" Not surprisingly, the latter got a lot more people to cough up the details of bad behavior. In that case, I'd even wonder if the "competitive" nature of the question (suggesting that you should want to be "badder" than others) also helped contribute to the openness of individuals.
7 Comments | Leave a Comment..
- Trustwave Admits It Issued A Certificate To Allow Company To Run Man-In-The-Middle Attacks
- Senator Leahy Hopes To Rush Through PIPA By Promising To Study DNS Blocking... Later?!?
- Leaked Memo Confirms Apple, Nokia & RIM Gave Indian Gov't Backdoors
- Co-Chair Of Congressional Cybersecurity Caucus Says SOPA Would Interfere With Online Security
- 'Nerds' Finally Get Their SOPA Hearings Over Technical Impact... But Not At The Judiciary Committee
Reader Comments (rss)
(Flattened / Threaded)
LOL
[ reply to this | link to this | view in thread ]
How BAD are U??
[ reply to this | link to this | view in thread ]
A better experiment
Heavens! Is that something I didn't know already?
A better experiment (granted I didn't read the original study) would be to keep the language formal while having an informal looking website, and to have a formal looking website while asking an informal question. This would indicate whether it is the wording or the website's appearance that is driving the decision about how much to reveal.
[ reply to this | link to this | view in thread ]
[ reply to this | link to this | view in thread ]
All you have to do is just ask nicely :)
[ reply to this | link to this | view in thread ]
hmm...
[ reply to this | link to this | view in thread ]
Re: How BAD are U??
Unless "openness == exaggerations or outright lies", I suspect the How BAD site was no more accurate than the clean-looking site, which is to say "not very accurate at all."
[ reply to this | link to this | view in thread ]
Add Your Comment