Hacking systems is often done by exploiting human weaknesses in security systems – known as “social engineering”. This diagram from the Washington Post describes a theoretical hack which does just that: a hacker targets an employee by gathering public data from social networks and crafting an email with a malicious attachment. The malicious software is installed when the infected email is opened and a backdoor is installed, giving the hacker direct access into the company’s network.
The diagram highlights several security related issues and potential problems, including the danger of revealing public information on social networks and the potential risks of following shortened URLs which can mask a link’s true destination. (Although most URL shortening services scan for malicious software, this might not be sufficient to protect against a specially crafted or targeted attack)