Women more likely than men to trade passwords for chocolate
A new survey by Infosecurity
Europe finds that women are four times more likely than men to sell their passwords
to total strangers in exchange for chocolate.
The survey of 576 office workers found that 45% of women and 10% of men would
give away passwords to strangers masquerading as market researches with the
lure of a chocolate bar as an incentive for completing the survey. The survey,
conducted outside Liverpool Street Station in the City of London, was actually
part of a social engineering exercise to raise awareness about information security.
“Our researchers also asked for workers' names and telephone numbers so
that they could be entered into a draw to go to Paris. With this incentive,
60% of men and 62% of women gave us their contact information,” said Claire
Sellick, Event Director, Infosecurity Europe.
As she revealed her details to our researchers one woman said, “even though
I have just been to Paris for the weekend I would love to go again.”
“That promise of a trip could cost you dear," Sellick said. "As
once a criminal has your date of birth, name and phone number they are well
on the way to carrying out more sophisticated social engineering attacks on
you, such as pretending to be from your bank or phone company and extracting
more valuable information that can be used in ID theft or fraud.”
Workers were also queried about their use of passwords at work, half said that
they knew their colleagues passwords and when asked if they would give their
passwords to someone who phoned and said they were from the IT department, 58%
said they would. Researchers also asked workers if they thought other people
in their company knew their CEO's password. 35% them thought that someone else
did with Personal Assistants and IT staff being the most likely suspects.
Most people used only one (31%), two (31%) or three (16%) passwords at work,
but a few poor souls had to use as many as 32! It was also found that 43% of
people rarely or never change their passwords which is very poor security practice.
The survey was carried out as part of the run up to Information Security Awareness
week which starts on the 21st April.
ITworld.com
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
