In light of the upcoming “capture-the-flag type” type contest at DEF CON, this is as good a time as any to talk about social engineering. There is no technical solution to this issue. Humans cannot be patched (I am paraphrasing from a t-shirt that I saw at a conference). So, we need to help people recognize a scam when they see one.

In a CSO Online article they talk about the favorite ‘pick-up’ lines of social engineers. These and some stories shared by the publication’s readers are pretty instructive, so I will mention a few of them here for everybody’s benefit.

It’s been quite the year, hasn’t it? As we started 2009 it was hard to know what to expect. We were in the depths of our fears about the global financial crisis we had just entered. Every day seemingly brought more bad news and no one knew what would happen next.

Somehow we made it through the year and things are looking up—on some days—and not as up on others. But looking back we’ve learned many things as we’ve weathered the storm. What have we learned you may ask? Here are a few things from my marketing perspective: