{"version":"1.0","type":"rich","provider_name":"Acast","provider_url":"https://acast.com","height":250,"width":700,"html":"<iframe src=\"https://embed.acast.com/$/6dab3ca4-41f5-4fd4-bba6-224ab53f5113/633603f5d4b1ef0011c52907?\" frameBorder=\"0\" width=\"700\" height=\"250\"></iframe>","title":"How To Protect Yourself From Social Engineering Hacks","thumbnail_width":200,"thumbnail_height":200,"thumbnail_url":"https://open-images.acast.com/shows/61b79eac169562946fe952a8/show-cover.jpg?height=200","description":"<p>Hacks are increasing but the hackers are not necessarily getting more sophisticated. What do Twitter, Twilio, and Uber all have in common? They were all hacked by, in part, a conversation. In all three cases, the hack was helped along by social engineering. Someone contacted an employee of the company and tricked them into giving up the keys to the company. It doesn’t matter how fancy your 2FA system is if an employee is just gonna give up their SMS codes to some rando on the phone.</p><p><br></p><p>But worry not. There are ways to protect yourself and your company against such attacks. With me today to work through it all is Rachel Tobac. Tobac is a hacker and the CEO of SocialProof Security, a company that aims to get your organization politely paranoid.</p><p><br></p><p>She also, coincidentally, <em>just</em> published a really amazing video that dramatizes a lot about what we’re going to talk about today. You can find it on Twitter <a href=\"https://twitter.com/RachelTobac\" rel=\"noopener noreferrer\" target=\"_blank\">@racheltobac</a>.</p><p><br></p><p><strong>Stories discussed in this episode:</strong></p><p><br></p><p><a href=\"https://www.vice.com/en/article/5d35yd/the-uber-hack-shows-push-notification-2fa-has-a-downside-its-too-annoying\" rel=\"noopener noreferrer\" target=\"_blank\"><strong>The Uber Hack Shows Push Notification 2FA Has a Downside: It’s Too Annoying</strong></a></p><p><br></p><p><a href=\"https://www.vice.com/en/article/qjkvxv/how-a-third-party-sms-service-was-used-to-take-over-signal-accounts\" rel=\"noopener noreferrer\" target=\"_blank\"><strong>How a Third-Party SMS Service Was Used to Take Over Signal Accounts</strong></a></p><p><br></p><p><a href=\"https://www.vice.com/en/article/jgxd3d/twitter-insider-access-panel-account-hacks-biden-uber-bezos\" rel=\"noopener noreferrer\" target=\"_blank\"><strong>Hackers Convinced Twitter Employee to Help Them Hijack Accounts</strong></a></p><p><br></p><p><strong>We’re recording CYBER live on Twitch. Watch live during the week.</strong><a href=\"https://www.twitch.tv/motherboardtv/\" rel=\"noopener noreferrer\" target=\"_blank\"><strong> Follow us</strong></a><strong> there to get alerts when we go live. We take questions from the audience and yours might just end up on the show.&nbsp;</strong></p><p><br></p><p><strong>Subscribe to</strong><a href=\"https://itunes.apple.com/us/podcast/cyber/id1441708044?mt=2\" rel=\"noopener noreferrer\" target=\"_blank\"><strong> CYBER on Apple Podcasts</strong></a><strong> or wherever you listen to your podcasts.</strong></p><p><br></p><p><a href=\"https://link1.vice.com/join/6qz/signup-motherboard\" rel=\"noopener noreferrer\" target=\"_blank\"><strong><em>Sign up for Motherboard’s daily newsletter</em></strong></a><strong><em> for a regular dose of our original reporting, plus behind-the-scenes content about our biggest stories.</em></strong></p>","author_name":"VICE"}