Learn ‘tricks of the trade’ from a real social engineering tester. We interview William Price of Cyberx.tech to learn how they are able to successfully penetrate a company’s defenses and get access to their most critical information. How likely would your organization be vulnerable to these same methods?
In this episode:
Social Engineering Tricks with William Price – Ep 320
Today’s Episode is brought to you by:
Kardon
and
HIPAA for MSPs with Security First IT
Subscribe on Apple Podcast. Share us on Social Media. Rate us wherever you find the opportunity.
Great idea! Share Help Me With HIPAA with one person this week!
Thanks to our donors. We appreciate your support!
If you would like to donate to the cause you can do that at HelpMeWithHIPAA.com
Like us and leave a review on our Facebook page: www.Facebook.com/HelpMeWithHIPAA
If you see a couple of numbers on the left side you can click that and go directly to that part of the audio. Get the best of both worlds from the show notes to the audio and back!
Social Engineering Tricks with William Price
[04:19] Social engineering is the act of manipulating a person into performing actions or divulging confidential information. It takes experience, creativity and a deep understanding of human nature to successfully execute an attack. Unfortunately, the criminal enterprises have the money to invest in these skills and resources to pull off these attacks on a daily basis.
Social engineers use a variety of methods to gain your trust and steal your information, and they’ll do it whenever they can. They have already pulled off some well-known attacks like phishing and two-factor authentication bypassing, but there are plenty more where those came from. In this episode we discuss some of the social engineering testing stories William Price, founder and lead consultant for CyberX, has to tell from someone who gets hired to do these attacks to test the security of organizations. He tells us lots of stories about his experiences.
As we record this, the Labor day holiday is around the corner. Beware of phishing attacks!
[43:15] We see news reports all the time now where hackers have attacked large companies or hospitals with ransomware attacks. Nowadays, hackers are using more targeted, sophisticated attacks using social engineering techniques to target small companies and individuals. They don’t need a good reason to target you. They will use any reason and are willing to put in the effort for not much money.The US government has been putting pressure on hacking groups to not attack hospitals and other companies that fall within the 16 critical infrastructures. Otherwise, the government will come down on them. So, cyber criminals are losing targets that are over that line drawn in the sand. So, that leaves the small and medium size companies.
Don’t think you are too small, don’t have any valuable data, or that cyber criminals will go after the big guys because that’s where the big bucks are. As we’ve said before, cyber attacks and techniques and targets change often.
To learn more about William and CyberX, you can find him on LinkedIn. Also, check out the CyberX website and YouTube channel where you can find videos to help small and medium sized businesses. They also have a membership site, called InfoSec Academy, where they help small businesses by giving them resources, templates, guides, monthly training, etc.
Our discussion with William Price was a lot of fun. We could have talked with him for hours. His experiences confirm what we’ve been reading in the news and talk about on this podcast often. Cyber attacks are not going away. We all need to understand that and start doing more to secure our systems and train our staff to spot social engineering attacks.
Remember to follow us and share us on your favorite social media site. Rate us on your podcasting apps, we need your help to keep spreading the word. As always, send in your questions and ideas!
HIPAA is not about compliance,
it’s about patient care.TM
Special thanks to our sponsors Security First IT and Kardon.