Social engineering is always a popular tool used by cyber criminals. Often, the more difficult it is to exploit vulnerabilities natively, the more they rely on social engineering to make up the difference. I mean really, why would you go to all the effort to exploit a vulnerability when a user will simply give you their username and password? Phishing is still a popular method for doing just that. But this is where the classifications blur a bit. Phishing in email is a social engineering threat, but is a phishing email on Facebook a social engineering threat? Or is it a social media threat?
We got such a great response to a guest contribution by Perimeter CTO Kevin Prince over at our Network Security Edge site about his views on the top threats for this year that we asked him if we could use the information as the basis of this quick presentation.
You'll get a lot of useful info by clicking through these slides, but we strongly encourage you to check out Prince's full analysis of 2009's trends and his thoughts on the threats, both growing and persistent, facing your network.