Business software giant Oracle was subjected to a targeted social engineering attack as part of a contest at security event Defcon, which is taking place in Las Vegas this week.
Several other companies including Apple, AT&T, and security firm Symantec were also attacked, but it was Oracle employees who were found to willingly hand over the most corporate information.
The attacks used were simple in nature, with some attackers calling employees posing as members of the corporate IT department.
Employees were then asked to hand over data and visit certain web sites, with many complying willingly.
"For me it was a scary call because she was so willing to comply," said Chris Hadnagy, one of the contest organisers, according to Reuters.
"This compliance could lead to serious attacks if used by the right people," he added.
Social engineering attacks such as "spear phishing", where an attacker sends someone an email purportedly from an existing contact inviting them to open a malicious link, are thought to be behind recent attacks on the International Monetary Fund and RSA Security.
Have your say on this article
Newsletters
Latest stories from Hacking
You may also like
Hacking jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
