In the wake of the phone spear phishing attack against Twitter last month, researchers are reporting a spike in this kind of attack, as reported in Wired. One of the biggest concerns cited is that more established attackers will begin to leverage the technique.
Why do we care?
Security is a drum I regularly beat on here, and still think we’re losing the battle. The biggest weakness remains our people on the front lines.
That said, the best solution for services companies is providing education services for their customers. It’s desperately needed, it’s effective, and beyond that, it shores up a company’s risk from being sued if something goes wrong. Showing documentation of a comprehensive security strategy, including education for users, will go a very, very long way in your defense for that inevitable day when something goes wrong.
All the tech in the world won’t stop a well-engineered social engineering attack if the participants are willing.