Updates from QA Training

Security’s weakest link

The other week I was making my regular return journey from London back to Leeds and was in the half-asleep state post training course when I was jolted awake by the most annoying of alarms – Someone else’s mobile ring-tone...


Mark Amory | 12 June 2012

The other week I was making my regular return journey from London back to Leeds and was in the half-asleep state post training course when I was jolted awake by the most annoying of alarms – Someone else’s mobile ring-tone...

The chap three-seats back answered the call and it was quickly obvious from his comments that it was a return call from a car insurance company.

Over the next five minutes, he proceeded to tell all his fellow passengers his car registration number, his home address, phone number and to top it all - his credit card details, as he set up his annual payment for his 09 plate Vauxhall Omega.
I was completely dumb-struck that this person, oblivious to his surroundings, proceeded to freely give out such sensitive details in public place.

Social Engineering is an art many people can pick up quickly, but to master takes a long time, however with people like Mr Omega knocking about, then the job becomes all the more easier.

Our IT security systems are exceptionally good at the jobs they do nowadays, so in many cases those that wish to gain access have to get the users (you and I) to bypass them in some way or another.

Many of the social engineering tricks carried out across the Internet are done remotely, so be mindful of the risks which could be present in unsolicited emails, links to unknown websites - especially those in the form of a shortened URL, attachments in emails, requests to download updates to Java, or Flash, or Acrobat and spoof URLs that look like the legitimate sites they are copying.

If you would like to know more about security - from an I.T. or Human perspective, QA offer a wide range of Security related courses.


Mark-Amory

Mark Amory

Senior Learning Consultant

After leaving a career as a mechanical & electrical engineer in 1998, Mark started out with a fresh career as an IT trainer. Spending the first few years as an applications trainer, Mark excelled in delivering Microsoft office and Adobe products. In-line with his background as an engineer, Mark soon shifted focus to more technical deliveries, including hardware and networking topics; a field he has remained in ever since. As a natural progression of his career saw Mark start to explore the security aspect of his existing competencies, and since 2005 has specialised in the cyber security domain. Mark has been the author of a number of QA cyber security courses, and was the design authority and author of the 2017 NCSC Cyber First Academy. Mark is a C|EH and is currently undergoing the process of becoming an NCSC Certified Cyber Professional.
Talk to our learning experts

Talk to our team of learning experts

Every business has different learning needs. QA has over 30 years of experience in combining the highest quality training with the most comprehensive range of learning services, ensuring the very best fit for your organisation.

Get in touch with our learning experts to talk about how we can help.