Auditors Find IRS Workers Prone to Hackers
Not that it’s any less serious – in fact it’s more serious – but once again the media has no clue about what they are reporting.
The acts described to relieve these stupid ignorant moronic people of their login ID’s and passwords are simple feats of social engineering. There is no hacking involved. This is merely an act of outsmarting the idiot answering the phone.
Yes, folks… your private information is in the hands of the same kind of morons who fall victim daily to fake emails asking them to verify their bank account information. The same idiots who give their personal information out over the phone when someone calls and asks them for it. They are, indeed, the very reason why “confidence men” have ever existed in the world.
If there is any solution, it may only reside in biometrics. Of course, when dealing with this level of stupidity, you’ll be seeing people cutting off their own fingers on request. (I’m not being serious there… I hope.)
WASHINGTON Mar 16, 2005 — More than one-third of Internal Revenue Service employees and managers who were contacted by Treasury Department inspectors posing as computer technicians provided their computer login and changed their password, a government report said Wednesday.
Check out either of Kevin Mitnick’s books The Art of Deception or The Art of Intrusion. There’s plenty of stories in there about exactly what you’re talking about and how it’s used.
Yeah, I know about Mitnick’s area of expertise. I haven’t read his books, but thanks for the reminder.