A social engineering attack? How we beat it (case study)


This article covers a recent attack on one of our clients on the 11th of August 2016. It didn’t seem to have the characteristics of a social engineering attack until we investigated the matter further…

Here is a chronological order of events around the incident.

1. On the 11th of August at around midday, we received an urgent call from a client telling us that one of their employees had just resigned and walked out the door. They were concerned that he could have access to sensitive information and asked us to disable his work email account.

2. One of our technical engineers immediately disabled his work email and looked for any suspicious activity. On inspection, we discovered that he had synced his work email to his phone ten days prior, on the 1st of August.

3. We phoned the client back to inform them, and they said the employee had recently asked for authorisation of the mobile phone-to-email sync and had been given approval. We decided to look into the matter further and disable email access on his phone.

 

4. In doing this, we found out that he had forwarded an email to himself which included attachments of customer lists, suppliers, passwords and about eight other sensitive documents. Protecting our client’s information is our top priority, so after a discussion with our client, we sent a remote command to wipe his device.

Wiping an employee’s device in the event of a data breach falls under the Data Protection Act 1998 (DPA).

5. It turned out that the employee had started working at the company on the 15th of July – not even a month before the attack. The evidence gathered from this case has all the hallmarks of a social engineering attack.
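The manual review in steps 2 to 4 can be run routinely over mail-flow logs. The following is an added example, not code from the original article: the record format, the placeholder domain `client.example`, the 90-day window and the sample messages are all assumptions constructed for illustration.

```python
import re
from datetime import date

COMPANY_DOMAIN = "client.example"  # assumption: placeholder domain
NEW_STARTER_DAYS = 90              # assumption: extra scrutiny window after hire

# Constructed sample data shaped like a mail-flow log export (not from the case).
HIRE_DATES = {"j.doe@client.example": date(2016, 7, 15),
              "a.smith@client.example": date(2012, 3, 1)}
MESSAGES = [
    {"date": date(2016, 8, 9), "sender": "j.doe@client.example",
     "recipient": "john.doe@webmail.example", "subject": "FW: lists", "attachments": 10},
    {"date": date(2016, 8, 9), "sender": "a.smith@client.example",
     "recipient": "orders@supplier.example", "subject": "PO 1182", "attachments": 1},
    {"date": date(2016, 8, 10), "sender": "j.doe@client.example",
     "recipient": "a.smith@client.example", "subject": "FW: rota", "attachments": 1},
]

def name_tokens(address):
    """Split the local part into name tokens: 'j.doe@x' -> {'j', 'doe'}."""
    local = address.split("@", 1)[0].lower()
    return {t for t in re.split(r"[._+\-\d]+", local) if t}

def looks_like_self(sender, recipient):
    """True when both addresses share a name token of three or more letters."""
    return any(len(t) >= 3 for t in name_tokens(sender) & name_tokens(recipient))

def indicators(msg, hire_dates):
    """List the reasons a message deserves review; empty if it stays internal."""
    external = not msg["recipient"].lower().endswith("@" + COMPANY_DOMAIN)
    if not external or msg["attachments"] == 0:
        return []
    reasons = ["attachments sent outside the company"]
    if looks_like_self(msg["sender"], msg["recipient"]):
        reasons.append("recipient resembles the sender's own name")
    if msg["subject"].lower().startswith(("fw:", "fwd:")):
        reasons.append("forwarded message")
    hired = hire_dates.get(msg["sender"])
    if hired and (msg["date"] - hired).days <= NEW_STARTER_DAYS:
        reasons.append("sender is a new starter")
    return reasons

def review(messages, hire_dates, threshold=3):
    """Return (message, reasons) pairs with at least `threshold` indicators."""
    scored = ((m, indicators(m, hire_dates)) for m in messages)
    return [(m, r) for m, r in scored if len(r) >= threshold]

if __name__ == "__main__":
    for msg, reasons in review(MESSAGES, HIRE_DATES):
        print(msg["date"], msg["sender"], "->", msg["recipient"], reasons)
```

Routine supplier mail with an attachment scores a single indicator and stays below the threshold, so only the self-forward from the recently hired account is surfaced for review.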

In the end, we resolved the issue promptly and protected our client’s information. The client was a small company, so it really shows that it’s not just big businesses that are subject to attacks. Never forget how valuable your intellectual property is and how others could take advantage of poor security, no matter how big or small you are.
