Can I borrow your swipecard?

This case involves an accountancy firm based in South East England.  The firm had just lost a big client and as a result had to make some cuts which included letting a few members of staff go. Jamie had been one of these staff members.  He was disgruntled to say the least.  He’d expected better […]

Stay calm and (don’t) pay the hackers

This social engineering case study highlights how attackers can use curiosity, urgency and fear to manipulate victims into breaking company protocols and get a finance employee to willingly transfer £152,000 into the attackers bank account. Miranda worked in Finance for Troy Ltd.  One morning she received an email with the subject line “Urgent C.V resend: FAO […]

The enthusiastic law student

This case involves a law firm based in the south of England.  The firm was of a reasonable size and, like most law firms, held a lot of very sensitive customer data. One morning one of the solicitors received a Facebook message purporting to be from a young law student.  The message read: “Dear Jennifer, […]