“Most scams work because victims are successfully convinced the scam is real. Thus, victims give criminals their information more often than it is maliciously stolen. A scammer’s main goal is to convince you to hand over your information voluntarily, as opposed to using forceful intimidation or threats."
"While hostility is one social engineering methodology, expert scammers know they will be most successful if they gain your trust. Identity thieves do their homework on your interests, business relationships, demographics, behaviors and other personal details before targeting you in a scam to align with these elements. The research and strategy that goes into planning a scam attack is what social engineering is all about.” (Fighting Identity Crimes, 2017)
Have you ever wondered where cybercriminals get their information? What is their starting point? Open‐Source Intelligence (OSINT) is an increasingly popular tactic that hackers are using to target organizations and their employees. OSINT is the act of scraping data from publicly available sources. Attackers use the data obtained from OSINT gathering to craft realistic social engineering campaigns.
To read the rest of this whitepaper, click this link:
Social Engineering Part 2: Open-Source Intelligence (OSINT)
Want to be part of what we do next? Join our Team.