by Mike Masnick
Fri, Aug 3rd 2007 5:02pm
The IRS has had problems modernizing their computer system in the past, but no matter how modern your computer system is, security is weak if your employees are easily duped through social engineering techniques. A new study found that 60% of the employees they tested were willing to hand over sensitive info to a person calling and posing as IRS tech support. This type of social engineering happens all the time, but it seems especially worrisome that so many IRS employees would be so willingly giving out info when they have access to so much confidential info and should be especially aware of the threat. In fact, the report notes that similar tests were done in 2001 and 2004 and the IRS promised to put in place measures to prevent these types of tricks from working. Apparently, that hasn't really happened.
If you liked this post, you may also be interested in...
- NSA Director: If I Say 'Legal Framework' Enough, Will It Convince You Security People To Shut Up About Our Plan To Backdoor Encryption?
- Lenovo CTO Claims Concerns Over Superfish Are Simply 'Theoretical'
- Lenovo Quietly Deletes That Bit About 'No Security Concerns' To Superfish... While Superfish Says 'No Consumers Vulnerable'
- Lenovo In Denial: Insists There's No Security Problem With Superfish -- Which Is Very, Very Wrong.
- President Obama: I'm A Big Believer In Strong Encryption... But...