Security Awareness Training Blog

    Black Hat Puts Long-Term Social Engineering on Display

    ROSE

     

    This year’s Black Hat and DEF CON 2018 conferences demonstrate how cybercriminals are taking a detailed look at their potential victims in order to get past “the human firewall”.

    Phishing is already a very effective means of fooling your users into becoming unwitting prey. All it usually takes is a bit of social engineering, a dash of personalization, and favorable timing, and users quickly turn into victims.

    But as users become more conscious about the prevalence of phishing attacks and their seemingly personalized content, what constitutes “phishy” differs from one user to another. Spear-phishing was the next step in the evolution, but a session at Black Hat presented by Matt Wixey, technical research leader for PwC in the UK introduces us to a new form of longer-term, hyper-targeted phishing he refers to as ROSERemote Online Social Engineering.

    ROSE involves many tactics that, over a period of time, seek to gain the trust of the intended victim. They, generally, follow a 4-step process:

    • Analyze the Victim – A detailed examination of their victim’s personal profile is performed – this includes their online profiles, personal details (such as schools, jobs, hobbies, names of friends and family, etc.).
    • Create a Fake Online Profile – a profile of an individual with some means of establishing a conversation (e.g. interests, work, mutual acquaintances, etc.).
    • Build Credibility – Over time, the attacker posts content to reflect “details” about their fake persona, working towards direct contact with the victim with actions such as “liking” content from the target’s friends.
    • Begin the Scam – the attacker communicates directly with the victim, asking for help or with a business proposal, levering additional online contact to establish and build trust.

    The key to the success of this kind of scam rests firmly on my previously mentioned determination of what a user considers “phishy.” Getting past firewalls, antivirus, and endpoint protection is child’s play for some cybercriminal organizations. It’s getting past the user’s own sense of suspicion that requires so much work.

    Organizations using Security Awareness Training can elevate their user’s natural inclination to scrutinize every communication, online social interaction, email, web link, and attachment – even those coming from a seemingly known entity. It’s through this raised sense of security that attacks as sophisticated as ROSE – which is aimed squarely at the user and their sensibilities – can be rendered powerless.

    ROSE represents the amount of work cybercriminals will go to in order to take your organization for its money or data. It also demonstrates the importance of your organization having an appropriate proactive defense in place to stop it through new-school Security Awareness Training.

     

    Return To KnowBe4 Security Blog

    Topics: Social Engineering

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe To Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews