Fake social media ID duped US Government security and IT
http://www.itworld.com/security/380874/fake-social-media-id-duped-security-aware-it-guys
Security experts used fake Facebook and LinkedIn profiles pretending to represent a smart, attractive young woman to penetrate the defenses of a U.S. government agency with a high level of cybersecurity awareness, as part of an exercise that shows how effective social engineering attacks can be, even against technically sophisticated organizations.
The attack was part of a sanctioned penetration test performed in 2012 and its results were presented Wednesday at the RSA Europe security conference in Amsterdam by Aamir Lakhani, a counter-intelligence and cyberdefense specialist who works as a solutions architect at IT services provider World Wide Technology.
By building a credible online identity for a fake attractive female named Emily Williams and using that identity to pose as a new hire at the targeted organization, the attackers managed to launch sophisticated attacks against the agency's employees, including an IT security manager who didn't even have a social media presence.
...
Within the first 15 hours, Emily Williams had 60 Facebook connections and 55 LinkedIn connections with employees from the targeted organization and its contractors. After 24 hours she had 3 job offers from other companies.