Last week, I wrote a bit about the dangers of passwords and the relationship with the Google Docs phishing scam that recently broke. Today, Iβm going back to the Google Docs issue, but to look at it from a different angle: how scammers continue to use social engineering so successfully.
An eSecurity Planet article touched on this:
Fidelis Cybersecurity threat research manager John Bambenek said by email that the attack is a stark reminder that criminals and nation states are targeting the one thing technology can’t fix — the user. “If you can trick the user into compromising themselves, you have no need for a zero-day,” he said. “Security awareness and vigilance of end users are the key to the security of any system.”
This echoes what Nathan Wenzler, chief security strategist at AsTech, told me in an email message. Hackers are using attacks such as ransomware and honed spearphishing campaigns to go after the weakest link: people, adding:
…
Source: DRJ New feed
