SE

Search for:


Archive for July, 2010

Social Engineering – Fact versus Fiction

Tuesday, July 27th, 2010

Social-Engineer.Org started the idea for this years CTF without really knowing how much fear it would build into people and organizations.  From the beginning we have published our goals, rules and ideas to help squelch the fears of those who think our intent is malicious.

While it is true that social engineering will involve some deception as well as obtaining information about these companies, the information the contestants are trying to obtain is innocuous, NON-FINANCIAL and NON-PERSONAL.  At no time will we allow a contestant to make a call that will compromise a company or person’s financial, banking information or identity.

Despite all of our efforts to notify the public that we are not out for malicious gain it seems like this message is not getting through to many in the security industry.  For example, we have come across an email sent out by a large security firm to all their nationwide customers warning them about the CTF.

This email is posted below:
(more…)

Posted in General Social Engineer Blog | 1 Comment »

Social-Engineer.Org CTF Update – Awareness Abounds

Wednesday, July 21st, 2010

se ctf eff blogpost Social Engineer.Org CTF Update Awareness Abounds

We are extremely excited about the Social-Engineer.org CTF at Defcon 18. However, in the excitement some have expressed concern that contestants might act improperly or that government, companies or individuals might be adversely impacted. We want to put these concerns to rest. Our jobs at Social-Engineer.Org are to ensure the security of our clients, and our reputation is built on that promise.

The purpose of the contest is to (1) raise awareness on the threat of social engineering, and (2) challenge contestants to come up with creative, legal ways of obtaining information from companies. The contest is structured to be good, clean fun. Our goal is to show how much information companies may inadvertently divulge to individuals making regular, legal inquiries using normal channels of communication. The type of information we will be asking for will be things like the number of restrooms in the building, and the sort of candy that sells out from the vending machines first.
(more…)

Posted in Social Engineering | 2 Comments »

Defcon 18 Social Engineer CTF Update

Tuesday, July 13th, 2010

contest 2 Defcon 18 Social Engineer CTF Update

The How Strong Is Your Schmooze contest is on it’s way.  The targets have been chosen, the dossier’s have been sent and the social engineering talent has bloomed.  The team at social-engineer.org wanted to give a few updates to the CTF.

1)   There has been a lot of “fear” in the market about our contest.  In one way this is great as it is raising awareness about social engineering.  We have been sent anonymous reports about banks, credit agencies and other organization pasting posters warning of the threats of malicious social engineers.  One report we received told us that many of these organizations even mention social-engineer.org by name and warn of attempts.

(more…)

Posted in General Social Engineer Blog, Social Engineering | 1 Comment »




SE Polls

SE CTF

Brad Smith