Register Members List Search Today's Posts Mark Forums Read

Reply
 
Article Options
How to prevent Social Engineering.....
liamwli
Join Date: May 2012
Posts: 172

by liamwli liamwli is offline 01 Jul 2012

You may be thinking "Not another post on securing my forum", but this post also touches on a hacking method known as 'Social Engineering' - so read on....

So, you have secured your forum in every way possible - you changed the AdminCP directory name, passworded the new directory, chosen very secure passwords but.

Your forum got hacked. You run around like a headless chicken trying to fix it, at the same time trying to figure out how they did it. You were running the latest vB, you start to think that it may have been a mod that you installed - but it wasn't.

It was Social Engineering.

Social engineering is when someone gains the complete trust of a forum founder, and then abuses that trust. Social engineering can take a long time to complete - but it can be devastating to a forum.

If you end up trusting someone a lot, they may have access to your cPanel, your FTP area, your database, SSH!

Imagine what they could do - they could delete the database, they could delete the entire forum files, they could delete any internal backups you have. Just think about it for a minute....

Scary thought, yes?

So how do I prevent it?

That is the million pound question, isn't it?

The best way to protect yourself is to not hire strangers to do work on your forum. If you must, then use separate logins, and check logs and EVERYTHING to see what they did. Check your plugins area for any new plugins, and ensure that if you are giving someone AdminCP access, they have the bare minimum admin permissions.

Social engineering doesn't just devastate a forum/website. It can devastate a human being. They placed their trust in you, and it was abused.

Don't fall foul to Social Engineering. Follow all the safety tips on the internet. Only trust people you know in real life - and don't trust them either!

I hope this article will open the eyes of some people....

Liam
Views: 6359
Reply With Quote
Comments
  #2  
Old 24 Jul 2012, 06:16
abdobasha2004's Avatar
abdobasha2004 abdobasha2004 is offline
 
Join Date: Aug 2008
I just never make anyone else admin
the most trusted and working for years are supermoderators
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Article Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 00:16.

Layout Options | Width: Wide Color: