"In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication"  . Protection from Fraudlent Messages We typically associate phishing emails  with poor grammar and misspellings. However, this is not the…

Customer service and help desk personnel are among an organization’s most vulnerable staff members. This is because their job is to provide “help” in a friendly and polite manner. As a result, attackers often exploit this to learn sensitive information. Customer Service —Phone Attackers usually obtain phone numbers from an organization’s website, in addition to any specific routing emails used…

Scam artists engage in fraudulent or deceptive actions to defraud others. A common method scam artists use is Mass-Marketing Fraud. Mass-Marketing Fraud Mass marketing fraud (MMF) refers to any fraud scheme that uses mass-communication. This includes communication by the Internet, telephone, mail, or in-person. Mass-Marketing fraud includes schemes such as Romance Scams, Advanced Fee Fraud…

The Federal Trade Commission (FTC) defines data brokers as “companies that collect information, including personal information about consumers, from a wide variety of sources for the purpose of reselling such information to their customers for various purposes, including verifying an individual’s identity, differentiating records, marketing products, and preventing financial fraud.” Protecting…

There are many factors that contribute to disgruntled employees in the workplace. However, the process typically begins with an employee feeling overworked, underpaid, unappreciated, or passed up for a promotion. In fact, a job satisfaction survey conducted by The Conference Board Consumer Confidence Survey® highlights the five components that US workers are least satisfied with. To enumerate,…

Sometimes people use the phrase identity theft and identity fraud interchangeably. However, two different processes are involved with these phrases. Identity theft is when identity thieves steal Personally Identifiable Information (PII).  PII includes such things as your name, address, Social Security number and email address. Whereas identity fraud is the unauthorized use of stolen PII to…

Espionage, commonly known as spying, is the practice of secretly gathering information about a foreign government or a competing industry, with the objective of placing one's own government or corporation at a strategic or financial advantage. However, espionage is not synonymous with all intelligence-gathering disciplines.  Codebreaking (cryptanalysis or COMINT), aircraft or satellite…

NOTICE: The information in this article is for penetration testers to use during a professional pen testing audit ONLY and not for illegal purposes. Each reader will need to be aware of their locations and legal boundaries in regards to the tactics mentioned within. Penetration testing (also called pen testing) is the practice of testing a computer system, network, web application or onsite…