Wow, nice artical. I've always been a big fan of social engineerers.
Here is a trick I playedon a buddy. Talking to him on Windows Live Messanger, I got his hotmail email address. I went to hotmail.com and requested a new password. All I needed to know was where he lived (Which I already knew) and what his favoirte movie was. I told him I was taking a survey for a school project where I asked...
1) What is your favoirte food?
2) What is your favoirte movie?
3) What is your favorite hobby?
He fell for it in an instant. After getting his password, I told him what I did, and how I did it, and he changed his password and chose a more secure security question. How was that for a lesson?
Here is a trick I playedon a buddy. Talking to him on Windows Live Messanger, I got his hotmail email address. I went to hotmail.com and requested a new password. All I needed to know was where he lived (Which I already knew) and what his favoirte movie was. I told him I was taking a survey for a school project where I asked...
1) What is your favoirte food?
2) What is your favoirte movie?
3) What is your favorite hobby?
He fell for it in an instant. After getting his password, I told him what I did, and how I did it, and he changed his password and chose a more secure security question. How was that for a lesson?
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/infocus/1527/951#951