Back to list
Bank "bankrupcy", nice social engineering case
Jul 21 2006 10:50AM
Tonu Samuel (tonu jes ee)
Re: Bank "bankrupcy", nice social engineering case[Scanned]
Jul 24 2006 10:06PM
Davie Elliott - Eluse (delliott eluse co uk)
Sounds quite similar to what the 2 main characters (the white hat and the
mob security consultant) from Sneakers where talking about.
Cosmo: "Posit. People think a bank might be financially shaky."Bishop:
"Consequence: People start to withdraw their money."
Cosmo: "Result: Soon, it IS financially shaky."Bishop: "Conclusion: You can
make banks fail."
Cosmo: "I've already done that. Maybe you've read about a few?
Think bigger."----- Original Message -----
From: "Tonu Samuel" <tonu (at) jes (dot) ee [email concealed]>
To: <realcases (at) securityfocus (dot) com [email concealed]>
Sent: Friday, July 21, 2006 11:50 AM
Subject: Bank "bankrupcy", nice social engineering case[Scanned]
We had nice case in Estonia which happened without direct intention. There
smaller town and department store wall holding only ATM at town. In some
reason department store need to construct something and to save ATM from
bank removed it temporarily from wall. Construction people decided to make
joke and put A4 size label there "Bankruptcy". Result were .....
To understand what happened, you might to think it through the eyes of
People came to ATM and instead of ATM they saw label "Bankruptcy". Sure this
label was difficult to believe but also made a bit FUD in mind, so people
looked for confirmation - but yes there was confirmation! Even ATM was
already removed from there wall! And panic begun. People grabbed cellphone
call friend and tell "Not sure but maybe bank XXXXX has bankrupted". Friend
who just got call from "Very trustable person" made already next call to own
friends "Yeah, I just got very reliable information...." and it began
It ended up in newspapers where bank explained case about ATM and
workers. Classic social engineering which sometime can cause direct loss in
less reliable situations using similar scenario.
[ reply ]
Copyright 2010, SecurityFocus