[ISN] Social Engineering Grows Up

http://www.darkreading.com/author.asp?section_id=314&doc_id=1204252 By Kelly Jackson Higgins Dark Reading 4/7/2014 Fifth annual DEF CON Social Engineering Capture the Flag Contest kicks off today with new “tag team” rules to reflect realities of the threat. The wildy popular DEF CON Social Engineering contest this year in Las Vegas will feature a new twist: Each contestant will be assigned a teammate to whom they must hand-off during the live event where they cold-call targeted corporations. “We needed to create an event like the real world,” says Christopher Hadnagy, chief human hacker at Social-Engineer.org , and organizer of the contest, now in its fifth year. “In the 30 minutes [of the live call], you have to tap out at least twice” so that each teammate will have a role in the live call. The contest aims to wring as much potentially revealing information about the company from the unsuspecting call recipient. Contestants squeeze as many predetermined “flags” out of employees at major US corporations, everything from the type of browser they are using to the name of their cleaning/janitorial service. The pretense could be that the caller needs to hand the call to his manager or another colleague, for example, to provide more legitimacy for the call