Jamie Woodruff is a Certified Ethical Hacker and Certified Penetration Testing Engineer from London. He specialises in social engineering. At a recent gathering of RITTech members in London, he discussed hacking tools, techniques and how even seemingly secure organisations can be laid bare. His talk explored traditional social engineering attacks against people and also social exploits that rely on technology.
He pointed to CEO fraud as a common means by which hackers can dupe their way into an organisation’s infrastructure.CEO fraud sees a hacker send an official looking email in the name of a victim firm’s CEO. The email might ask for a phone list, passwords or critical operational information. Because the email purports to come from the firm’s chief, recipients are more likely to comply with the request - forgetting the security implications along the way.