IBM Security Research Reveals Unprecedented Increase in COVID-19 Themed Scamsespecially emails. Insights on How to Protect Yourself.
Stephanie Carruthers (known by her hacker alias, Snow) specializes in social engineering–thinking like a criminal in order to “hack” the human psyche, creating ruses to lure them into divulging sensitive information or taking an action. Cybercriminals use this tactic for their advantage, helping them tailor a more targeted cyberattack or even gain physical access to a secure facility. Fortunately, Stephanie hacks humans in order to help businesses find and fix their security holes, as part of IBM’s X-Force Red. Companies hire X-Force Red to break into their networks in order to find the security flaws that exist in their technology, processes, and staff awareness. For Snow, this means gathering information that has been overshared on the web, using her social engineering skills to go “vishing” (voice phishing) for additional intel on the phone, and even creating and using fake badges, costumes, and other tricks of the trade to get inside a company’s physical location. Snow also finds information that can help the team hack a company’s computer network; such as passwords on sticky notes in the background of a YouTube video, photos of security badges with employee info displayed or laptop screens showing the types of software a company uses.