What do we have to worry about in 2010 from an information security perspective?
- Social engineering is always a popular tool used by cyber criminals. Often, the more difficult it is to exploit vulnerabilities natively, the more they rely on social engineering to make up the difference. I mean really, why would you go to all the effort to exploit a vulnerability when a user will simply give you their username and password? Phishing is still a popular method for doing just that. But this is where the classifications blur a bit. Phishing in email is a social engineering threat, but is a phishing email on Facebook a social engineering threat? Or is it a social media threat?