Back in my day, I would probe by hand. Now you can get commercial software that does the job for you.
Kevin MitnickSocial engineering is using deception, manipulation and influence to convince a human who has access to a computer system to do something, like click on an attachment in an e-mail.
Kevin MitnickIt doesn't work the same way everywhere. The Americans are the most gullible, because they don't like to deny co-workers' requests. People in the former Soviet bloc countries are less trusting, perhaps because of their previous experiences with their countries' secret services.
Kevin MitnickNo way, no how did I break into NORAD. That's a complete myth. And I never attempted to access anything considered to be classified government systems.
Kevin MitnickI can go into LinkedIn and search for network engineers and come up with a list of great spear-phishing targets because they usually have administrator rights over the network. Then I go onto Twitter or Facebook and trick them into doing something, and I have privileged access.
Kevin MitnickWhen an attacker fails with one person, they often go to another person. The key is to report the attack to other departments. Workers should know to act like they are going along with what the hacker wants and take copious notes so the company will know what the hacker is trying to find.
Kevin Mitnick