UVT2-RTFT Task 1
Competency 427.2.4: Advanced Social Engineering

William J. Lawson

MS Information Security & Assurance - 5/1/13
Student ID:000311942
My Mentor: Mary Gordon c: 317-448-3045
Indianapolis, IN - Eastern Time wlawson@my.wgu.edu[->0] A. Create a memo discussing how you believe the intruder gained access to the company's network using social engineering.
Incident Memo to Management Recently The Company was a victim of a Social Engineering (SE) attack, perpetrated by an unknown entity. Social Engineering is a method used by confidence men (con-men) to acquire information through human interaction that will be used to support a cyber attack. It often involves some form of trickery. In this case a supervisor assigned to handle customer complaints received an email from a suspected customer claiming that one of the products listed on the website was incorrect. The email also included a URL to the web page in question. I suspect that the attacker acquired the Supervisor's email address by first contacting the customer support desk and posing as disgruntled customer. Once the customer (attacker) stated his/her complaint to the employee and the employee responded the customer pretended that he was not satisfied and stated to the employee that his complaint was not completely satisfied. He then asked the employee for the supervisor's name, and contact information. In order to satisfy the customer the employee provides the supervisor's contact information. The attacker specifically targeted the supervisor with the assumption that his/her computer would contain higher value information and that the supervisor would have administrator access to key systems. A phishing email was sent directly to the supervisor and when the supervisor clicked on the URL a script was ran to install malicious software on his