pr0l3 Posted May 15, 2013

I've been designing a workshop to provide to my clients that will be based on a paper I'm going to write. The paper will be based on a social experiment I'm running. It's basically about trusted relationships and how social engineers manipulate them. Specifically in social media.

I put together this website. I'm trying to collect hits. Basically hits = clicks. Clicks = simulated pwn.

www.theinternetistrue.com

The premise is basically that I've found we're more likely to trust unknown content coming from social media than we are from email. We're trained to not open suspicious documents and such in email because we know they might be viruses. We're quick, however, to just click randomly on links we've never heard of if they show up in our Facebook feed.

If this link was tied to a status update like:

"IRON MAN 4 PREVIEW LEAKED!" - I'm sure someone would click on it - in this case it's safe but a bad guy could redirect you to something bad. Get it? We're more likely to just randomly click stuff based on the trust we have for social media because we apparently know the people posting. What if my account got hacked and the bad guy was posting AS me... there's no way for you to tell.

I'm trying to find a few companies / users who would spread this link on their Facebook pages as part of the experiment - you'd be mentioned in the talk and put on some kind of 'supporters' page if your company can contact me after posting - I'd love to get a screen grab of the post itself...

digip Posted May 15, 2013

Hmmm.. might want to take the two installs of WordPress, make just one, and while at it, update your main site's version to latest. Also, create a new user, kill the admin account on both. You already have what, 4 other users? Admin should never be used on WordPress as a username. Just a heads up... Mr Dungey. ;)

Ariel Posted May 15, 2013

It's these types of posts and responses that make this my favorite forum.

pr0l3 (Author) Posted May 15, 2013

Believe it or not, we're in the middle of a top-down restructuring of our security protocols. You've pointed out some glaring flaws.

hfam Posted June 4, 2013

> Hmmm.. might want to take the two installs of WordPress, make just one, and while at it, update your main site's version to latest. Also, create a new user, kill the admin account on both. You already have what, 4 other users? Admin should never be used on WordPress as a username. Just a heads up... Mr Dungey. ;)

Pwnt. ;)