National KE-CIRT/CC Cybersecurity Best Practice Guide of the Week
In This Issue:
Impersonation – the act of presenting oneself as someone else with the ultimate goal of obtaining private information, or access to a person, the company premises or the company’s information systems. The person doing this is the impersonator.
Impersonation differs from other social engineering attacks because it occurs in person, rather than via mail or phone.
For an impersonation attack to succeed, the impersonator does a lot of preparation, using several techniques. Once the impersonator has gained access to the company, these same techniques can be used again. Namely:
i. Eavesdropping.
ii. Shoulder surfing.
iii. Tailgating.
iv. Dumpster diving.
v. Stalking employees and even following them on social sites.
vi. Studying the company’s websites.
vii. Black-market social engineers.
The impersonator can pose as:
a. A fellow employee from another branch asking for brief access to their email.
b. A customer, service provider or technical support personnel.
c. A system support engineer offering a system update or patch.
d. A new employee requesting help.
e. A messenger dropping a package.
f. A person in the same career or with the same interests as you.
It’s quite a busy day at work. Zack is carrying a huge stack of reports for tomorrow’s meeting. While he struggles to push the door open, the impersonator holds it open for him and then helps him carry the stack to his desk. He introduces himself as Joe, a new intern. Zack is very thankful. Joe, looking at his watch, says, “Oh no, I’m late, I forgot to print the doc… Hope you don’t mind if I print a one-page document from this USB disk”. With no questions asked, Zack allows him to print. The moment the USB stick is inserted, an undetectable spyware auto-installs while Joe prints.
How to identify an impersonator
1. Excessive compliments and flirting.
2. Stressed urgency.
3. Claiming of authority.
4. Display of discomfort when questioned.
5. Out-of-ordinary requests.
How to protect yourself from impersonation
i. Be aware of your surroundings.
ii. Know who should be in the facility and the requirements for entry as per the company policies.
iii. No matter how friendly a person is, don’t fulfill their ‘out-of-ordinary’ requests.
iv. Establish the sensitivity of the information in question.
v. Establish the purpose of exchange of the information in question.
vi. Confirm the real identity of the person.
vii. Entrust no one with your passwords, and lock your computer every time you leave it unattended.
viii. Keep confidential documents out of reach, under lock and key. If no longer needed, shred them.
Have the above security tips in mind when operating your computer systems. Report any cybercrime incident/activity