Friday, April 20, 2007

Chocolates a security risk

Maybe not. But it seems to be a common thread with 2 stories I read recently.

The first involves a con-man spending a year using charm and chocolates to gain the trust of bank employees (and an access card in the process) before making off with £14 million worth of diamonds from the bank vault (full story here).

The second you've probably read if you keep up to date with security news. A survey/experiment conducted by Infosecurity Europe found that two thirds of people readily give up their passwords and other bits of personal information in exchange for chocolates and a smile (full story here). Side note: Doesn't someone do this type of experiment every year and pretend to be surprised when they find most people readily give up their information or passwords? The timing of this study smells a little bit "marketing related" though. Infosecurity Europe's conference takes place next week here in London. In case anyone's wondering, yes I've registered - I haven't decided how much of it I'll be attending yet.

I just thought I'd continue my theme of the week following on from my previous post. Social engineering is arguably the biggest risk to security. No amount of technology can stop it effectively.

No comments: