Social engineering steps up a notch.

Everyone knows a good liar, or do they? I’ve been reading some interesting articles about whats going on with hacked email accounts. Recent activity indicates that social engineers are using hacked email accounts to gain access to address-books for potential fraud projects.

One such project, a surgeon’s email address was hacked and his password was changed. The surgeon had no clew that the hackers where email people in his address book claiming that “he was in another country and had his money stolen”. His friends, worried, called him on the phone, at which point the surgeon found out that his email was hacked and the hacker was trying to scam the people in his address book. Because the hacker changed his password, he couldn’t even get on to warn anyone.

This is a classic example of the new age social engineer. Long gone are the days of a simple lie to gain access to a network, phone or cable system.