I agree with the guy who referenced Mitnick: as long as there are humans using the machines, there will be open avenues for suckering someone with social engineering techniques.
It blows my mind that most average users will not THINK before opening up an email or do simple things like saving the file to disk first. If you did that you would see, hopefully, that the extensions are suspicious and delete the file and/or email. Also, being a little suspicious has its good points too. You just can't assume an email is what it is, but yet people do.
With propagation of MyDoom estimated at one million machines, I think there will be work for secpros for the far-off future.
Link to this comment: http://www.securityfocus.com/comments/columns/216/24689#24689